Analysis Overview
SHA256
27eab496d0b63d52c18cee063110d9d479523b58426bfcb58e420a5cae087c54
Threat Level: Known bad
The file krnl_bootstrapper.exe was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Downloads MZ/PE file
Reads user/profile data of web browsers
Checks whether UAC is enabled
Drops Chrome extension
Checks computer location settings
Executes dropped EXE
Drops file in Program Files directory
Loads dropped DLL
Enumerates physical storage devices
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Modifies Internet Explorer settings
Modifies registry class
Modifies data under HKEY_USERS
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies system certificate store
MITRE ATT&CK
Enterprise Matrix V6
Analysis: static1
Detonation Overview
Reported
2023-04-29 20:02
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2023-04-29 20:02
Reported
2023-04-29 20:05
Platform
win7-20230220-en
Max time kernel
43s
Max time network
156s
Command Line
Signatures
Lumma Stealer
Downloads MZ/PE file
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Documents\krnl\7za.exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe"
C:\Users\Admin\Documents\krnl\7za.exe
"C:\Users\Admin\Documents\krnl\7za.exe" x "C:\Users\Admin\Documents\krnl\bin\Monaco.zip" -o"C:\Users\Admin\Documents\krnl\bin" -aoa -bsp1
C:\Users\Admin\Documents\krnl\7za.exe
"C:\Users\Admin\Documents\krnl\7za.exe" x "C:\Users\Admin\Documents\krnl\bin\src.7z" -o"C:\Users\Admin\Documents\krnl\bin" -aoa -bsp1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6609758,0x7fef6609768,0x7fef6609778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1164 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1488 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1608 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2196 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2228 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Users\Admin\Documents\krnl\krnlss.exe
"C:\Users\Admin\Documents\krnl\krnlss.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1396 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=996 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3936 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3956 --field-trial-handle=1212,i,17421680975810033843,6372008783442124136,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | cdn.krnl.place | udp |
| DE | 170.187.189.97:443 | cdn.krnl.place | tcp |
| DE | 170.187.189.97:443 | cdn.krnl.place | tcp |
| DE | 170.187.189.97:443 | cdn.krnl.place | tcp |
| DE | 170.187.189.97:443 | cdn.krnl.place | tcp |
| DE | 170.187.189.97:443 | cdn.krnl.place | tcp |
| DE | 170.187.189.97:443 | cdn.krnl.place | tcp |
| DE | 170.187.189.97:443 | cdn.krnl.place | tcp |
| US | 8.8.8.8:53 | k-storage.com | udp |
| US | 188.114.97.0:443 | k-storage.com | tcp |
| US | 188.114.97.0:443 | k-storage.com | tcp |
| US | 8.8.8.8:53 | sslcom.repository.certum.pl | udp |
| NL | 95.101.74.145:80 | sslcom.repository.certum.pl | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| DE | 172.217.23.206:443 | apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | beacons.gcp.gvt2.com | udp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| NL | 216.58.214.3:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2cs35.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c9.gcp.gvt2.com | udp |
| IN | 35.207.193.180:443 | e2cs35.gcp.gvt2.com | tcp |
| ID | 34.101.114.154:443 | e2c9.gcp.gvt2.com | tcp |
| IN | 35.207.193.180:443 | e2cs35.gcp.gvt2.com | tcp |
| ID | 34.101.114.154:443 | e2c9.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| NL | 142.250.179.131:443 | beacons.gvt2.com | tcp |
| NL | 142.250.179.131:443 | beacons.gvt2.com | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2023-04-29 20:02
Reported
2023-04-29 20:05
Platform
win10v2004-20230220-en
Max time kernel
150s
Max time network
153s
Command Line
Signatures
Lumma Stealer
Downloads MZ/PE file
Reads user/profile data of web browsers
Checks whether UAC is enabled
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
Drops Chrome extension
| Description | Indicator | Process | Target |
| File created | C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.61.4_0\manifest.json | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-1013461898-3711306144-4198452673-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-1013461898-3711306144-4198452673-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\StudioToolbox\AssetConfig\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Settings\Players\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Settings\Players\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\VoiceChat\SpeakerNew\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AnimationEditor\Checkmark.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\TerrainTools\mt_erode.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AlignTool\button_max_24.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\DeveloperFramework\checkbox_checked_dark.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\traildot.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Emotes\Large\SelectedLine.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\ScreenshotHud\Close.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Settings\Slider\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\TopBar\HealthBarTV.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\TopBar\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\avatar\unification\CharacterEmulation.lua | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AnimationEditor\FaceCaptureUI\CloseButton.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\PluginManagement\checked_dark.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\StudioToolbox\EndorsedBadge.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\dropdown_arrow.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\VoiceChat\Blank.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AnimationEditor\button_radio_innercircle.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\RoactStudioWidgets\slider_bar_light.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\StudioToolbox\Clear.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ViewSelector\left_hover_zh_cn.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\PlatformContent\pc\textures\grass\normal.dds | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\fonts\TwemojiMozilla.ttf | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\ButtonRight.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Controls\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\InGameMenu\ScrollBottom.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\PlayerList\AcceptButton.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AssetManager\explorer.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AudioDiscovery\icon.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\DeveloperFramework\checkbox_unchecked_light.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\StudioSharedUI\DEPRECATED_pending_withbg.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\icon_friendrequestrecieved-16.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Menu\hoverPopupRight.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\VoiceChat\SpeakerLight\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AnimationEditor\Pin.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\MaterialManager\Texture_None.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\RoactStudioWidgets\toggle_on_disable_dark.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Controls\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Emotes\Editor\Large\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\ScreenshotHud\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\AvatarImporter\img_light_RthroNarrow.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\DeveloperFramework\StudioTheme\clear_hover.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\FaceControlsEditor\checkbox_checked.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\RecordDown.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Chat\MessageCounter.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\btn_newGreyGlow.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Slider-BKG-Left-Cap.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Input\Ring_padded.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\fonts\GothamSSm-Bold.otf | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\menuDownArrow.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\GameSettings\refresh_dark_theme.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\PivotEditor\PivotEditor.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\StudioSharedUI\preview_expand.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\PlatformContent\pc\textures\water\normal_13.dds | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\StudioUIEditor\icon_resize3.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\VoiceChat\MicDark\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\DeveloperInspector\Filter.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Modal.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Chat\ToggleChat.png | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| File created | C:\Program Files (x86)\Roblox\Versions\version-31b938635c234124\content\textures\ui\Emotes\[email protected] | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Documents\krnl\7za.exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\krnl\7za.exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
Loads dropped DLL
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\ProtocolExecute\roblox-studio\WarnOnOpen = "0" | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133272794479796897" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-1013461898-3711306144-4198452673-1000_Classes\Local Settings | C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\ = "URL: Roblox Protocol" | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\URL Protocol | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\DefaultIcon\ = "C:\\Program Files (x86)\\Roblox\\Versions\\RobloxStudioLauncherBeta.exe" | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open\command\ = "\"C:\\Program Files (x86)\\Roblox\\Versions\\RobloxStudioLauncherBeta.exe\" %1" | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\DefaultIcon | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\roblox-studio\shell\open | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E\Blob | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E\Blob | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E\Blob | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\07E032E020B72C3F192F0628A2593A19A70F069E\Blob | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe | N/A |
| N/A | N/A | C:\Users\Admin\Documents\krnl\krnlss.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe
"C:\Users\Admin\AppData\Local\Temp\krnl_bootstrapper.exe"
C:\Users\Admin\Documents\krnl\7za.exe
"C:\Users\Admin\Documents\krnl\7za.exe" x "C:\Users\Admin\Documents\krnl\bin\Monaco.zip" -o"C:\Users\Admin\Documents\krnl\bin" -aoa -bsp1
C:\Users\Admin\Documents\krnl\7za.exe
"C:\Users\Admin\Documents\krnl\7za.exe" x "C:\Users\Admin\Documents\krnl\bin\src.7z" -o"C:\Users\Admin\Documents\krnl\bin" -aoa -bsp1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Documents\krnl\krnlss.exe
"C:\Users\Admin\Documents\krnl\krnlss.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbc9a59758,0x7ffbc9a59768,0x7ffbc9a59778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1404 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3180 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3320 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4504 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4720 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4844 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4892 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1812,i,4257231717680502299,12209014658905082442,131072 /prefetch:8
C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe
"C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe"
C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe
C:\Users\Admin\Downloads\RobloxPlayerLauncher.exe --crashpad --no-rate-limit --database=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --metrics-dir=C:\Users\Admin\AppData\Local\Temp\crashpad_roblox --url=https://upload.crashes.rbxinfra.com/post --annotation=RobloxChannel=production --annotation=RobloxGitHash=84184678f9eab8ed5ceb955a9995c3213bffb741 --annotation=UploadAttachmentKiloByteLimit=100 --annotation=UploadPercentage=100 --annotation=format=minidump --annotation=token=a2440b0bfdada85f34d79b43839f2b49ea6bba474bd7d126e844bc119271a1c3 --initial-client-data=0x794,0x78c,0x790,0x798,0x79c,0x11f57bc,0x11f57cc,0x11f57dc
Network
Files
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3736_1734425022\100bcae0-f1c3-485e-b54a-7bd95c8d7ab7.tmp
| MD5 | 9caa8c614bab0c667ec308c2fc7268d0 |
| SHA1 | 118810cb2e84e9fb58b45786809e1062c1032658 |
| SHA256 | 3474c2e016e2e6558afa52729659a90e014e7437be68f8606f9f152f1ba2f8fa |
| SHA512 | 85111e6075bd5b5a260684cdcb30718f6b0ea295faeeb5e8e406848597a3e35b62a15cd0977c6a13c62537021db00d0bb2317bfe3773e40028495f4e19bf7369 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3736_1734425022\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 558659936250e03cc14b60ebf648aa09 |
| SHA1 | 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825 |
| SHA256 | 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b |
| SHA512 | 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727 |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3736_1734425022\CRX_INSTALL\dasherSettingSchema.json
| MD5 | 4ec1df2da46182103d2ffc3b92d20ca5 |
| SHA1 | fb9d1ba3710cf31a87165317c6edc110e98994ce |
| SHA256 | 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6 |
| SHA512 | 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d |
C:\Users\Admin\AppData\Local\Temp\scoped_dir3736_1734425022\CRX_INSTALL\_locales\en_CA\messages.json
| MD5 | 07ffbe5f24ca348723ff8c6c488abfb8 |
| SHA1 | 6dc2851e39b2ee38f88cf5c35a90171dbea5b690 |
| SHA256 | 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c |
| SHA512 | 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\128.png
| MD5 | 913064adaaa4c4fa2a9d011b66b33183 |
| SHA1 | 99ea751ac2597a080706c690612aeeee43161fc1 |
| SHA256 | afb4ce8882ef7ae80976eba7d87f6e07fcddc8e9e84747e8d747d1e996dea8eb |
| SHA512 | 162bf69b1ad5122c6154c111816e4b87a8222e6994a72743ed5382d571d293e1467a2ed2fc6cc27789b644943cf617a56da530b6a6142680c5b2497579a632b5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 66c8ab7e67dc86dae51afd4a87ce9f96 |
| SHA1 | 372b6444741d40e00b94a0a574f90fd96ffdee86 |
| SHA256 | f2be21f6ebda57d94390e896f7cdbbd308e6858857ea03104d504c2b450ee4f2 |
| SHA512 | 0eda0a927b4ad27d671d1b01a31b131175f75e59aea0f0d1b92a79756773cedad18b487082cd52280de69ce6d707f54c5f4803a75c6263289d0ac97ac8f952c5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_metadata\verified_contents.json
| MD5 | 4caf0842b05eed2901158557c86b9a85 |
| SHA1 | 789062049adf0fc5bbaa61e83e76194a28737b76 |
| SHA256 | bdee000b3487443b951aa6f6a0a50eeb81caf0fe943977d987e5acda16c5812c |
| SHA512 | c9c7ddc1007a50f2d0445b9e1400fad79c20eb41b6f6e7832c4bc5462adcfe38cfb0020028da1472b7e0f2a83091166ef950d581a1d0f68bf90d7f57226b919a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\page_embed_script.js
| MD5 | 62fda4fa9cc5866797295daf242ec144 |
| SHA1 | b0fd59acfe000541753d0cb3cb38eb04e833f603 |
| SHA256 | cae608555363a5ffe6940574ac6ecd03c9ac24c329484598b78ee463554bc591 |
| SHA512 | f6a324ad4372387adc9f5b66e4bca678e22b16ca621e6ca8a57b7dd84bc9636f9c6fc3e07251d526ffde03200357c074762cc5d7b707b0a303f9c9a195d98f58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\manifest.json
| MD5 | c5f9ca95f25d11c8cb46ad8ad121e34d |
| SHA1 | 4183e6899a2011a33d429fd0af9770fc26b297ae |
| SHA256 | 5e4edb7d56beacfa752e2ba806c31743b0276fd9a752d937645b2246aa4e7612 |
| SHA512 | e2606a971cc80851fa5f3be392eaeb2dbcc3567a1d58eee53bae1f05677f0456fc873569078304e3a7c1fd5f7e7aa832bd2fa2f90ddf28f428eaf4e9f9727775 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\eventpage_bin_prod.js
| MD5 | a03d289fcfab28005ecb9d577944c888 |
| SHA1 | 3a390c3afd10125e4ecd820bf5e5177589dee696 |
| SHA256 | 4b36137c70513d476e5c7e86c2bddfa6eeefa0b77092f22f72217cb8f6863c11 |
| SHA512 | 9182b41c2d4a443f7ec6167601fb280e339638f32b663a46a9afa7546d41591f985ba010d47635119048073f77c8ac496182f94239d1d342c3247a3f89d2fc1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\zu\messages.json
| MD5 | 71f916a64f98b6d1b5d1f62d297fdec1 |
| SHA1 | 9386e8f723c3f42da5b3f7e0b9970d2664ea0baa |
| SHA256 | ec78ddd4ccf32b5d76ec701a20167c3fbd146d79a505e4fb0421fc1e5cf4aa63 |
| SHA512 | 30fa4e02120af1be6e7cc7dbb15fae5d50825bd6b3cf28ef21d2f2e217b14af5b76cfcc165685c3edc1d09536bfcb10ca07e1e2cc0da891cec05e19394ad7144 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\zh_TW\messages.json
| MD5 | 0e60627acfd18f44d4df469d8dce6d30 |
| SHA1 | 2bfcb0c3ca6b50d69ad5745fa692baf0708db4b5 |
| SHA256 | f94c6ddedf067642a1af18d629778ec65e02b6097a8532b7e794502747aeb008 |
| SHA512 | 6ff517eed4381a61075ac7c8e80c73fafae7c0583ba4fa7f4951dd7dbe183c253702dee44b3276efc566f295dac1592271be5e0ac0c7d2c9f6062054418c7c27 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\zh_CN\messages.json
| MD5 | 3e76788e17e62fb49fb5ed5f4e7a3dce |
| SHA1 | 6904ffa0d13d45496f126e58c886c35366efcc11 |
| SHA256 | e72d0bb08cc3005556e95a498bd737e7783bb0e56dcc202e7d27a536616f5ee0 |
| SHA512 | f431e570ab5973c54275c9eef05e49e6fe2d6c17000f98d672dd31f9a1fad98e0d50b5b0b9cf85d5bbd3b655b93fd69768c194c8c1688cb962aa75ff1af9bdb6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\zh_HK\messages.json
| MD5 | 524e1b2a370d0e71342d05dde3d3e774 |
| SHA1 | 60d1f59714f9e8f90ef34138d33fbff6dd39e85a |
| SHA256 | 30f44cfad052d73d86d12fa20cfc111563a3b2e4523b43f7d66d934ba8dace91 |
| SHA512 | d2225cf2fa94b01a7b0f70a933e1fdcf69cdf92f76c424ce4f9fcc86510c481c9a87a7b71f907c836cbb1ca41a8bebbd08f68dbc90710984ca738d293f905272 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\ur\messages.json
| MD5 | 8b4df6a9281333341c939c244ddb7648 |
| SHA1 | 382c80cad29bcf8aaf52d9a24ca5a6ecf1941c6b |
| SHA256 | 5da836224d0f3a96f1c5eb5063061aad837ca9fc6fed15d19c66da25cf56f8ac |
| SHA512 | fa1c015d4ea349f73468c78fdb798d462eef0f73c1a762298798e19f825e968383b0a133e0a2ce3b3df95f24c71992235bfc872c69dc98166b44d3183bf8a9e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\vi\messages.json
| MD5 | 773a3b9e708d052d6cbaa6d55c8a5438 |
| SHA1 | 5617235844595d5c73961a2c0a4ac66d8ea5f90f |
| SHA256 | 597c5f32bc999746bc5c2ed1e5115c523b7eb1d33f81b042203e1c1df4bbcafe |
| SHA512 | e5f906729e38b23f64d7f146fa48f3abf6baed9aafc0e5f6fa59f369dc47829dbb4bfa94448580bd61a34e844241f590b8d7aec7091861105d8ebb2590a3bee9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\uk\messages.json
| MD5 | 970963c25c2cef16bb6f60952e103105 |
| SHA1 | bbddacfeee60e22fb1c130e1ee8efda75ea600aa |
| SHA256 | 9fa26ff09f6acde2457ed366c0c4124b6cac1435d0c4fd8a870a0c090417da19 |
| SHA512 | 1bed9fe4d4adeed3d0bc8258d9f2fd72c6a177c713c3b03fc6f5452b6d6c2cb2236c54ea972ece7dbfd756733805eb2352cae44bab93aa8ea73bb80460349504 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\no\messages.json
| MD5 | a1744b0f53ccf889955b95108367f9c8 |
| SHA1 | 6a5a6771dff13dcb4fd425ed839ba100b7123de0 |
| SHA256 | 21ceff02b45a4bfd60d144879dfa9f427949a027dd49a3eb0e9e345bd0b7c9a8 |
| SHA512 | f55e43f14514eecb89f6727a0d3c234149609020a516b193542b5964d2536d192f40cc12d377e70c683c269a1bdcde1c6a0e634aa84a164775cffe776536a961 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\nl\messages.json
| MD5 | 32df72f14be59a9bc9777113a8b21de6 |
| SHA1 | 2a8d9b9a998453144307dd0b700a76e783062ad0 |
| SHA256 | f3fe1ffcb182183b76e1b46c4463168c746a38e461fd25ca91ff2a40846f1d61 |
| SHA512 | e0966f5cca5a8a6d91c58d716e662e892d1c3441daa5d632e5e843839bb989f620d8ac33ed3edbafe18d7306b40cd0c4639e5a4e04da2c598331dacec2112aad |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\pa\messages.json
| MD5 | 97f769f51b83d35c260d1f8cfd7990af |
| SHA1 | 0d59a76564b0aee31d0a074305905472f740ceca |
| SHA256 | bbd37d41b7de6f93948fa2437a7699d4c30a3c39e736179702f212cb36a3133c |
| SHA512 | d91f5e2d22fc2d7f73c1f1c4af79db98fcfd1c7804069ae9b2348cbc729a6d2dff7fb6f44d152b0bdaba6e0d05dff54987e8472c081c4d39315cec2cbc593816 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\ne\messages.json
| MD5 | 065eb4de2319a4094f7c1c381ac753a0 |
| SHA1 | 6324108a1ad968cb3aec83316c6f12d51456c464 |
| SHA256 | 160e1cd593c901c7291ea4ecba735191d793ddfd7e9646a0560498627f61da6f |
| SHA512 | 8b3e970a2beb8b6b193ad6ab9baa0fd8e1147cb5b9e64d76a6d3f104d636481621be52c2d72c588adf444e136a9b1350ac767255d2e680df44e9a1fb75e4c898 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\id\messages.json
| MD5 | 34d6ee258af9429465ae6a078c2fb1f5 |
| SHA1 | 612cae151984449a4346a66c0a0df4235d64d932 |
| SHA256 | e3c86ddd2efebe88eed8484765a9868202546149753e03a61eb7c28fd62cfca1 |
| SHA512 | 20427807b64a0f79a6349f8a923152d9647da95c05de19ad3a4bf7db817e25227f3b99307c8745dd323a6591b515221bd2f1e92b6f1a1783bdfa7142e84601b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\hy\messages.json
| MD5 | 55de859ad778e0aa9d950ef505b29da9 |
| SHA1 | 4479be637a50c9ee8a2f7690ad362a6a8ffc59b2 |
| SHA256 | 0b16e3f8bd904a767284345ae86a0a9927c47afe89e05ea2b13ad80009bdf9e4 |
| SHA512 | edab2fcc14cabb6d116e9c2907b42cfbc34f1d9035f43e454f1f4d1f3774c100cbadf6b4c81b025810ed90fa91c22f1aefe83056e4543d92527e4fe81c7889a8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\is\messages.json
| MD5 | 1f565fb1c549b18af8bbfed8decd5d94 |
| SHA1 | b57f4bdae06ff3dfc1eb3e56b6f2f204d6f63638 |
| SHA256 | e16325d1a641ef7421f2bafcd6433d53543c89d498dd96419b03cba60b9c7d60 |
| SHA512 | a60b8e042a9bcdcc136b87948e9924a0b24d67c6ca9803904b876f162a0ad82b9619f1316be9ff107dd143b44f7e6f5df604abfe00818deb40a7d62917cda69f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\es\messages.json
| MD5 | f61916a206ac0e971cdcb63b29e580e3 |
| SHA1 | 994b8c985dc1e161655d6e553146fb84d0030619 |
| SHA256 | 2008f4faab71ab8c76a5d8811ad40102c380b6b929ce0bce9c378a7cadfc05eb |
| SHA512 | d9c63b2f99015355aca04d74a27fd6b81170750c4b4be7293390dc81ef4cd920ee9184b05c61dc8979b6c2783528949a4ae7180dbf460a2620dbb0d3fd7a05cf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\af\messages.json
| MD5 | 12403ebcce3ae8287a9e823c0256d205 |
| SHA1 | c82d43c501fae24bfe05db8b8f95ed1c9ac54037 |
| SHA256 | b40bde5b612cfff936370b32fb0c58cc205fc89937729504c6c0b527b60e2cba |
| SHA512 | 153401ecdb13086d2f65f9b9f20acb3cefe5e2aeff1c31ba021be35bf08ab0634812c33d1d34da270e5693a8048fc5e2085e30974f6a703f75ea1622a0ca0ffd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\am\messages.json
| MD5 | cc785a90811435bc9d87d1ba1966b9bf |
| SHA1 | 3d56356434cec87a1eea756ff376e08591bfbc14 |
| SHA256 | 4e85b78853a4690f3079e0645c0debaaa5b3fa82b6ced27163ecbaddac5f8040 |
| SHA512 | 27fcdb5e65bca356668ce033c9006df7e46dc25aba3f108691e47bf37894db0a351412042f3068c6a25b636a0a3761cbacf42829f3fb47b1a034b2cc3cb857ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\ar\messages.json
| MD5 | 3ec93ea8f8422fda079f8e5b3f386a73 |
| SHA1 | 24640131ccfb21d9bc3373c0661da02d50350c15 |
| SHA256 | abd0919121956ab535e6a235de67764f46cfc944071fcf2302148f5fb0e8c65a |
| SHA512 | f40e879f85bc9b8120a9b7357ed44c22c075bf065f45bea42bd5316af929cbd035d5d6c35734e454aef5b79d378e51a77a71fa23f9ebd0b3754159718fceb95c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\az\messages.json
| MD5 | 9a798fd298008074e59ecc253e2f2933 |
| SHA1 | 1e93da985e880f3d3350fc94f5ccc498efc8c813 |
| SHA256 | 628145f4281fa825d75f1e332998904466abd050e8b0dc8bb9b6a20488d78a66 |
| SHA512 | 9094480379f5ab711b3c32c55fd162290cb0031644ea09a145e2ef315da12f2e55369d824af218c3a7c37dd9a276aeec127d8b3627d3ab45a14b0191ed2bbe70 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\be\messages.json
| MD5 | 68884dfda320b85f9fc5244c2dd00568 |
| SHA1 | fd9c01e03320560cbbb91dc3d1917c96d792a549 |
| SHA256 | ddf16859a15f3eb3334d6241975ca3988ac3eafc3d96452ac3a4afd3644c8550 |
| SHA512 | 7ff0fbd555b1f9a9a4e36b745cbfcad47b33024664f0d99e8c080be541420d1955d35d04b5e973c07725573e592cd0dd84fdbb867c63482baff6929ada27ccde |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\bg\messages.json
| MD5 | 2e6423f38e148ac5a5a041b1d5989cc0 |
| SHA1 | 88966ffe39510c06cd9f710dfac8545672ffdceb |
| SHA256 | ac4a8b5b7c0b0dd1c07910f30dcfbdf1bcb701cfcfd182b6153fd3911d566c0e |
| SHA512 | 891fcdc6f07337970518322c69c6026896dd3588f41f1e6c8a1d91204412cae01808f87f9f2dea1754458d70f51c3cef5f12a9e3fc011165a42b0844c75ec683 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\bn\messages.json
| MD5 | 651375c6af22e2bcd228347a45e3c2c9 |
| SHA1 | 109ac3a912326171d77869854d7300385f6e628c |
| SHA256 | 1dbf38e425c5c7fc39e8077a837df0443692463ba1fbe94e288ab5a93242c46e |
| SHA512 | 958aa7cf645fab991f2eca0937ba734861b373fb1c8bcc001599be57c65e0917f7833a971d93a7a6423c5f54a4839d3a4d5f100c26efa0d2a068516953989f9d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\ca\messages.json
| MD5 | d177261ffe5f8ab4b3796d26835f8331 |
| SHA1 | 4be708e2ffe0f018ac183003b74353ad646c1657 |
| SHA256 | d6e65238187a430ff29d4c10cf1c46b3f0fa4b91a5900a17c5dfd16e67ffc9bd |
| SHA512 | e7d730304aed78c0f4a78dadbf835a22b3d8114fb41d67b2b26f4fe938b572763d3e127b7c1c81ebe7d538da976a7a1e7adc40f918f88afadea2201ae8ab47d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\cs\messages.json
| MD5 | ccb00c63e4814f7c46b06e4a142f2de9 |
| SHA1 | 860936b2a500ce09498b07a457e0cca6b69c5c23 |
| SHA256 | 21ae66ce537095408d21670585ad12599b0f575ff2cb3ee34e3a48f8cc71cfab |
| SHA512 | 35839dac6c985a6ca11c1bff5b8b5e59db501fcb91298e2c41cb0816b6101bf322445b249eaea0cef38f76d73a4e198f2b6e25eea8d8a94ea6007d386d4f1055 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\cy\messages.json
| MD5 | a86407c6f20818972b80b9384acfbbed |
| SHA1 | d1531cd0701371e95d2a6bb5edcb79b949d65e7c |
| SHA256 | a482663292a913b02a9cde4635c7c92270bf3c8726fd274475dc2c490019a7c9 |
| SHA512 | d9fbf675514a890e9656f83572208830c6d977e34d5744c298a012515bc7eb5a17726add0d9078501393babd65387c4f4d3ac0cc0f7c60c72e09f336dca88de7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\da\messages.json
| MD5 | b922f7fd0e8ccac31b411fc26542c5ba |
| SHA1 | 2d25e153983e311e44a3a348b7d97af9aad21a30 |
| SHA256 | 48847d57c75af51a44cbf8f7ef1a4496c2007e58ed56d340724fda1604ff9195 |
| SHA512 | ad0954deeb17af04858dd5ec3d3b3da12dff7a666af4061deb6fd492992d95db3baf751ab6a59bec7ab22117103a93496e07632c2fc724623bb3acf2ca6093f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\de\messages.json
| MD5 | d116453277cc860d196887cec6432ffe |
| SHA1 | 0ae00288fde696795cc62fd36eabc507ab6f4ea4 |
| SHA256 | 36ac525fa6e28f18572d71d75293970e0e1ead68f358c20da4fdc643eea2c1c5 |
| SHA512 | c788c3202a27ec220e3232ae25e3c855f3fdb8f124848f46a3d89510c564641a2dfea86d5014cea20d3d2d3c1405c96dbeb7ccad910d65c55a32fdca8a33fdd4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\el\messages.json
| MD5 | 9aba4337c670c6349ba38fddc27c2106 |
| SHA1 | 1fc33be9ab4ad99216629bc89fbb30e7aa42b812 |
| SHA256 | 37ca6ab271d6e7c9b00b846fdb969811c9ce7864a85b5714027050795ea24f00 |
| SHA512 | 8564f93ad8485c06034a89421ce74a4e719bbac865e33a7ed0b87baa80b7f7e54b240266f2edb595df4e6816144428db8be18a4252cbdcc1e37b9ecc9f9d7897 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\en_GB\messages.json
| MD5 | 3734d498fb377cf5e4e2508b8131c0fa |
| SHA1 | aa23e39bfe526b5e3379de04e00eacba89c55ade |
| SHA256 | ab5cda04013dce0195e80af714fbf3a67675283768ffd062cf3cf16edb49f5d4 |
| SHA512 | 56d9c792954214b0de56558983f7eb7805ac330af00e944e734340be41c68e5dd03eddb17a63bc2ab99bdd9be1f2e2da5be8ba7c43d938a67151082a9041c7ba |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\en_US\messages.json
| MD5 | 578215fbb8c12cb7e6cd73fbd16ec994 |
| SHA1 | 9471d71fa6d82ce1863b74e24237ad4fd9477187 |
| SHA256 | 102b586b197ea7d6edfeb874b97f95b05d229ea6a92780ea8544c4ff1e6bc5b1 |
| SHA512 | e698b1a6a6ed6963182f7d25ac12c6de06c45d14499ddc91e81bdb35474e7ec9071cfebd869b7d129cb2cd127bc1442c75e408e21eb8e5e6906a607a3982b212 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\es_419\messages.json
| MD5 | 535331f8fb98894877811b14994fea9d |
| SHA1 | 42475e6afb6a8ae41e2fc2b9949189ef9bbe09fb |
| SHA256 | 90a560ff82605db7eda26c90331650ff9e42c0b596cedb79b23598dec1b4988f |
| SHA512 | 2ce9c69e901ab5f766e6cfc1e592e1af5a07aa78d154ccbb7898519a12e6b42a21c5052a86783abe3e7a05043d4bd41b28960feddb30169ff7f7fe7208c8cfe9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\et\messages.json
| MD5 | 64204786e7a7c1ed9c241f1c59b81007 |
| SHA1 | 586528e87cd670249a44fb9c54b1796e40cdb794 |
| SHA256 | cc31b877238da6c1d51d9a6155fde565727a1956572f466c387b7e41c4923a29 |
| SHA512 | 44fcf93f3fb10a3db68d74f9453995995ab2d16863ec89779db451a4d90f19743b8f51095eec3ecef5bd0c5c60d1bf3dfb0d64df288dccfbe70c129ae350b2c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\eu\messages.json
| MD5 | 29a1da4acb4c9d04f080bb101e204e93 |
| SHA1 | 2d0e4587ddd4bac1c90e79a88af3bd2c140b53b1 |
| SHA256 | a41670d52423ba69c7a65e7e153e7b9994e8dd0370c584bda0714bd61c49c578 |
| SHA512 | b7b7a5a0aa8f6724b0fa15d65f25286d9c66873f03080cbaba037bdeea6aadc678ac4f083bc52c2db01beb1b41a755ed67bbddb9c0fe4e35a004537a3f7fc458 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\fa\messages.json
| MD5 | 097f3ba8de41a0aaf436c783dcfe7ef3 |
| SHA1 | 986b8cabd794e08c7ad41f0f35c93e4824ac84df |
| SHA256 | 7c4c09d19ac4da30cc0f7f521825f44c4dfbc19482a127fbfb2b74b3468f48f1 |
| SHA512 | 8114ea7422e3b20ae3f08a3a64a6ffe1517a7579a3243919b8f789eb52c68d6f5a591f7b4d16cee4bd337ff4daf4057d81695732e5f7d9e761d04f859359fadb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\fi\messages.json
| MD5 | b38cbd6c2c5bfaa6ee252d573a0b12a1 |
| SHA1 | 2e490d5a4942d2455c3e751f96bd9960f93c4b60 |
| SHA256 | 2d752a5dbe80e34ea9a18c958b4c754f3bc10d63279484e4df5880b8fd1894d2 |
| SHA512 | 6e65207f4d8212736059cc802c6a7104e71a9cc0935e07bd13d17ec46ea26d10bc87ad923cd84d78781e4f93231a11cb9ed8d3558877b6b0d52c07cb005f1c0c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\fil\messages.json
| MD5 | fcea43d62605860fff41be26bad80169 |
| SHA1 | f25c2ce893d65666cc46ea267e3d1aa080a25f5b |
| SHA256 | f51eeb7aaf5f2103c1043d520e5a4de0fa75e4dc375e23a2c2c4afd4d9293a72 |
| SHA512 | f66f113a26e5bcf54b9aafa69dae3c02c9c59bd5b9a05f829c92af208c06dc8ccc7a1875cbb7b7ce425899e4ba27bfe8ce2cdaf43a00a1b9f95149e855989ee0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\fr\messages.json
| MD5 | a58c0eebd5dc6bb5d91daf923bd3a2aa |
| SHA1 | f169870eeed333363950d0bcd5a46d712231e2ae |
| SHA256 | 0518287950a8b010ffc8d52554eb82e5d93b6c3571823b7ceca898906c11abcc |
| SHA512 | b04afd61de490bc838354e8dc6c22be5c7ac6e55386fff78489031acbe2dbf1eaa2652366f7a1e62ce87cfccb75576da3b2645fea1645b0eceb38b1fa3a409e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\fr_CA\messages.json
| MD5 | 6cac04bdcc09034981b4ab567b00c296 |
| SHA1 | 84f4d0e89e30ed7b7acd7644e4867ffdb346d2a5 |
| SHA256 | 4caa46656ecc46a420aa98d3307731e84f5ac1a89111d2e808a228c436d83834 |
| SHA512 | 160590b6ec3dcf48f3ea7a5baa11a8f6fa4131059469623e00ad273606b468b3a6e56d199e97daa0ecb6c526260ebae008570223f2822811f441d1c900dc33d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\gl\messages.json
| MD5 | cc31777e68b20f10a394162ee3cee03a |
| SHA1 | 969f7a9caf86ebaa82484fbf0837010ad3fd34d7 |
| SHA256 | 9890710df0fbf1db41bce41fe2f62424a3bd39d755d29e829744ed3da0c2ce1d |
| SHA512 | 8215a6e50c6acf8045d97c0d4d422c0caacb7f09d136e73e34dba48903bb4c85a25d6875b56e192993f48a428d3a85ba041e0e61e4277b7d3a70f38d01f68aab |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\gu\messages.json
| MD5 | bc7e1d09028b085b74cb4e04d8a90814 |
| SHA1 | e28b2919f000b41b41209e56b7bf3a4448456cfe |
| SHA256 | fe8218df25db54e633927c4a1640b1a41b8e6cb3360fa386b5382f833b0b237c |
| SHA512 | 040a8267d67db05bbaa52f1fac3460f58d35c5b73aa76bbf17fa78acc6d3bfb796a870dd44638f9ac3967e35217578a20d6f0b975ceeeedbadfc9f65be7e72c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\hi\messages.json
| MD5 | 98a7fc3e2e05afffc1cfe4a029f47476 |
| SHA1 | a17e077d6e6ba1d8a90c1f3faf25d37b0ff5a6ad |
| SHA256 | d2d1afa224cda388ff1dc8fac24cda228d7ce09de5d375947d7207fa4a6c4f8d |
| SHA512 | 457e295c760abfd29fc6bbbb7fc7d4959287bca7fb0e3e99eb834087d17eed331def18138838d35c48c6ddc8a0134affff1a5a24033f9b5607b355d3d48fdf88 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\hr\messages.json
| MD5 | 25cdff9d60c5fc4740a48ef9804bf5c7 |
| SHA1 | 4fadecc52fb43aec084df9ff86d2d465fbebcdc0 |
| SHA256 | 73e6e246ceeab9875625cd4889fbf931f93b7b9deaa11288ae1a0f8a6e311e76 |
| SHA512 | ef00b08496427feb5a6b9fb3fe2e5404525be7c329d9dd2a417480637fd91885837d134a26980dcf9f61e463e6cb68f09a24402805807e656af16b116a75e02c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\hu\messages.json
| MD5 | 8930a51e3ace3dd897c9e61a2aea1d02 |
| SHA1 | 4108506500c68c054ba03310c49fa5b8ee246ea4 |
| SHA256 | 958c0f664fca20855fa84293566b2ddb7f297185619143457d6479e6ac81d240 |
| SHA512 | 126b80cd3428c0bc459eeaafcbe4b9fde2541a57f19f3ec7346baf449f36dc073a9cf015594a57203255941551b25f6faa6d2c73c57c44725f563883ff902606 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\it\messages.json
| MD5 | 0d82b734ef045d5fe7aa680b6a12e711 |
| SHA1 | bd04f181e4ee09f02cd53161dcabcef902423092 |
| SHA256 | f41862665b13c0b4c4f562ef1743684cce29d4bcf7fe3ea494208df253e33885 |
| SHA512 | 01f305a280112482884485085494e871c66d40c0b03de710b4e5f49c6a478d541c2c1fda2ceaf4307900485946dee9d905851e98a2eb237642c80d464d1b3ada |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\iw\messages.json
| MD5 | 26b1533c0852ee4661ec1a27bd87d6bf |
| SHA1 | 18234e3abaf702df9330552780c2f33b83a1188a |
| SHA256 | bbb81c32f482ba3216c9b1189c70cef39ca8c2181af3538ffa07b4c6ad52f06a |
| SHA512 | 450bfaf0e8159a4fae309737ea69ca8dd91caafd27ef662087c4e7716b2dcad3172555898e75814d6f11487f4f254de8625ef0cfea8df0133fc49e18ec7fd5d2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\ja\messages.json
| MD5 | 15ec1963fc113d4ad6e7e59ae5de7c0a |
| SHA1 | 4017fc6d8b302335469091b91d063b07c9e12109 |
| SHA256 | 34ac08f3c4f2d42962a3395508818b48ca323d22f498738cc9f09e78cb197d73 |
| SHA512 | 427251f471fa3b759ca1555e9600c10f755bc023701d058ff661bec605b6ab94cfb3456c1fea68d12b4d815ffbafabceb6c12311dd1199fc783ed6863af97c0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\ka\messages.json
| MD5 | 83f81d30913dc4344573d7a58bd20d85 |
| SHA1 | 5ad0e91ea18045232a8f9df1627007fe506a70e0 |
| SHA256 | 30898bbf51bdd58db397ff780f061e33431a38ef5cfc288b5177ecf76b399f26 |
| SHA512 | 85f97f12ad4482b5d9a6166bb2ae3c4458a582cf575190c71c1d8e0fb87c58482f8c0efead56e3a70edd42bed945816db5e07732ad27b8ffc93f4093710dd58f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\kk\messages.json
| MD5 | 2d94a58795f7b1e6e43c9656a147ad3c |
| SHA1 | e377db505c6924b6bfc9d73dc7c02610062f674e |
| SHA256 | 548dc6c96e31a16ce355dc55c64833b08ef3fba8bf33149031b4a685959e3af4 |
| SHA512 | f51cc857e4cf2d4545c76a2dce7d837381ce59016e250319bf8d39718be79f9f6ee74ea5a56de0e8759e4e586d93430d51651fc902376d8a5698628e54a0f2d8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\km\messages.json
| MD5 | b3699c20a94776a5c2f90aef6eb0dad9 |
| SHA1 | 1f9b968b0679a20fa097624c9abfa2b96c8c0bea |
| SHA256 | a6118f0a0de329e07c01f53cd6fb4fed43e54c5f53db4cd1c7f5b2b4d9fb10e6 |
| SHA512 | 1e8d15b8bff1d289434a244172f9ed42b4bb6bcb6372c1f300b01acea5a88167e97fedaba0a7ae3beb5e24763d1b09046ae8e30745b80e2e2fe785c94df362f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\kn\messages.json
| MD5 | 8e16966e815c3c274eeb8492b1ea6648 |
| SHA1 | 7482ed9f1c9fd9f6f9ba91ab15921b19f64c9687 |
| SHA256 | 418ff53fca505d54268413c796e4df80e947a09f399ab222a90b81e93113d5b5 |
| SHA512 | 85b28202e874b1cf45b37ba05b87b3d8d6fe38e89c6011c4240cf6b563ea6da60181d712cce20d07c364f4a266a4ec90c4934cc8b7bb2013cb3b22d755796e38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extensions\Temp\scoped_dir3736_765268739\CRX_INSTALL\_locales\ko\messages.json
| MD5 | f3e59eeeb007144ea26306c20e04c292 |
| SHA1 | 83e7bdfa1f18f4c7534208493c3ff6b1f2f57d90 |
| SHA256 | c52d9b955d229373725a6e713334bbb31ea72efa9b5cf4fbd76a566417b12cac |
| SHA512 | 7808cb5ff041b002cbd78171ec5a0b4dba3e017e21f7e8039084c2790f395b839bee04ad6c942eed47ccb53e90f6de818a725d1450bf81ba2990154afd3763af |