snakebot | hxxp://mediafire[.]com/file/tzl6lfis7rjamb7/UHQ+Combo's[.]txt/file

Analysis

max time kernel
2701s
max time network
2702s
platform
windows10-2004_x64
resource
win10v2004-20230621-en
resource tags

arch:x64arch:x86image:win10v2004-20230621-enlocale:en-usos:windows10-2004-x64system
submitted
04-07-2023 06:07

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

http://mediafire.com/file/tzl6lfis7rjamb7/UHQ+Combo's.txt/file

Score

10^/10

snakebot discovery persistence snakebot

Malware Config

Signatures

SnakeBOT
SnakeBOT is a heavily obfuscated .NET downloader.
snakebot

Contains SnakeBOT related strings 1 IoCs

snakebot

resource	yara_rule
behavioral1/files/0x00060000000232b1-286.dat	snakebot_strings

Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Scanning
T1046

Loads dropped DLL 20 IoCs

pid	Process
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe

Adds Run key to start application 2 TTPs 3 IoCs

persistence

Registry Run Keys / Startup Folder

T1060

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000\Software\Microsoft\Windows\CurrentVersion\Run	chrome.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102

Enumerates system info in registry 2 TTPs 9 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133329244752717733"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 57 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings	OpenWith.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Version = "1"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16"	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 14002e803accbfb42cdb4c42b0297fe99a87c6410000	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257"	OxygenX-0.8.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}"	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16"	OxygenX-0.8.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2177513644-1903222820-241662473-1000\{C544B489-F72A-4221-8E91-5843B39A891F}	chrome.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "4"	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1"	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0000000001000000ffffffff	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\NodeSlot = "3"	OxygenX-0.8.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202	OxygenX-0.8.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Downloads"	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14"	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295"	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell	OxygenX-0.8.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}"	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags	OxygenX-0.8.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1"	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 0100000000000000ffffffff	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff	OxygenX-0.8.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\Shell\SniffedFolderType = "Generic"	OxygenX-0.8.exe
Key created	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg	OxygenX-0.8.exe
Set value (data)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1"	OxygenX-0.8.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2177513644-1903222820-241662473-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295"	OxygenX-0.8.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
2672	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 8 IoCs

pid	Process
220	chrome.exe
220	chrome.exe
6044	chrome.exe
6044	chrome.exe
3216	chrome.exe
3216	chrome.exe
4504	chrome.exe
4504	chrome.exe

Suspicious behavior: GetForegroundWindowSpam 1 IoCs

pid	Process
1896	OxygenX-0.8.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 33 IoCs

pid	Process
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe
4504	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	220	chrome.exe
Token: SeCreatePagefilePrivilege	220	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe
Token: SeShutdownPrivilege	6044	chrome.exe
Token: SeCreatePagefilePrivilege	6044	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
220	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe
6044	chrome.exe

Suspicious use of SetWindowsHookEx 18 IoCs

pid	Process
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1772	OpenWith.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe
1896	OxygenX-0.8.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 220 wrote to memory of 4644	220	chrome.exe	85
PID 220 wrote to memory of 4644	220	chrome.exe	85
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 1292	220	chrome.exe	86
PID 220 wrote to memory of 3708	220	chrome.exe	87
PID 220 wrote to memory of 3708	220	chrome.exe	87
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88
PID 220 wrote to memory of 4624	220	chrome.exe	88

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" "--simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT'" http://mediafire.com/file/tzl6lfis7rjamb7/UHQ+Combo's.txt/file
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:220
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffad7069758,0x7ffad7069768,0x7ffad7069778
  2⤵
  PID:4644
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1820 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:2
  2⤵
  PID:1292
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:8
  2⤵
  PID:3708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2180 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:8
  2⤵
  PID:4624
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:4824
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4476 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=5088 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:5084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3260 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5332 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:4760
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5312 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:4932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5644 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:5076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5828 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:4284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6100 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:4756
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=6352 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:2316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6984 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:5008
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6968 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:2036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=7288 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:1732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7420 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:8
  2⤵
  PID:3888
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=7480 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:5016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=7672 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:4996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=7640 --field-trial-handle=1880,i,1333670454627283074,3395754351302440526,131072 /prefetch:1
  2⤵
  PID:5188
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\UHQ Combos.txt
  2⤵
  PID:5284

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:700

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Modifies registry class
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:6044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffad7069758,0x7ffad7069768,0x7ffad7069778
  2⤵
  PID:3648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1632 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:2
  2⤵
  PID:5548
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2108 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:5088
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2028 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:5024
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3084 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:1
  2⤵
  PID:4852
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4564 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4556 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:1
  2⤵
  PID:1372
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4876 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:1968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5020 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:5340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5048 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:5876
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5372 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:3536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5536 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2216 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=856 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:1
  2⤵
  PID:5928
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3352 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:1
  2⤵
  PID:2564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1780 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:5376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5728 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:3528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=5140 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3368 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:3216
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1484 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:4872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4472 --field-trial-handle=1816,i,8880952319056424468,4406383317481671447,131072 /prefetch:8
  2⤵
  PID:1332

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:5768

C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
1⤵
PID:4912

C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
1⤵
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:1772
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\config.cfg
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:2672

C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar "C:\Users\Admin\Desktop\MCChecker.jar"
1⤵
PID:4468

C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe
"C:\Program Files\Java\jre1.8.0_66\bin\javaw.exe" -jar "C:\Users\Admin\Desktop\MCChecker.jar"
1⤵
PID:884

C:\Users\Admin\Desktop\OxygenX-0.8.exe
"C:\Users\Admin\Desktop\OxygenX-0.8.exe"
1⤵
PID:5932
- C:\Users\Admin\Desktop\OxygenX-0.8.exe
  "C:\Users\Admin\Desktop\OxygenX-0.8.exe"
  2⤵
  - Loads dropped DLL
  - Modifies registry class
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID:1896
- - C:\Windows\system32\cmd.exe
    C:\Windows\system32\cmd.exe /c cls
    3⤵
    PID:5520

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Adds Run key to start application
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
PID:4504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffad7069758,0x7ffad7069768,0x7ffad7069778
  2⤵
  PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:2
  2⤵
  PID:6072
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2176 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:5192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2272 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:5188
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:5488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:5724
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4472 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:3692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4704 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:2400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4828 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:2348
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5012 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:2272
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5176 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:1520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5244 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:3828
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3100 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:5208
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5172 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:4940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3096 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:4056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3332 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5940 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  - Modifies registry class
  PID:2708
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5904 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:5460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6412 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:4016
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=6548 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:2004
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1852 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:5484
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=2 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2576 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:1
  2⤵
  PID:5848
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6708 --field-trial-handle=1932,i,11266744447947577122,12997488739660695250,131072 /prefetch:8
  2⤵
  PID:5576

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1512

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x500 0x444
1⤵
PID:5620

Network

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

T1060

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Web Service

T1102

Credential Access

Discovery

Network Service Scanning

T1046

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
f1278f5043c789e2dd6f66835899cfcb

SHA1
51dd897a3ef0091fde6203c54b5d307e9e3a6b5f

SHA256
140721e907f52f3c0249e6fde96b50f97967877fbdf610f8617ddd83d1825e6f

SHA512
e5d112fd9e7e5cf351861aeee7ed2378150a632abac725161be014d582e2d94997740d5e176aaeccf3e4b48cd7d3940cac30c9a44c7981ab82d9897ede2dc722

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
f1278f5043c789e2dd6f66835899cfcb

SHA1
51dd897a3ef0091fde6203c54b5d307e9e3a6b5f

SHA256
140721e907f52f3c0249e6fde96b50f97967877fbdf610f8617ddd83d1825e6f

SHA512
e5d112fd9e7e5cf351861aeee7ed2378150a632abac725161be014d582e2d94997740d5e176aaeccf3e4b48cd7d3940cac30c9a44c7981ab82d9897ede2dc722

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
a08f3fcf4dbe2926f3f40fc68805f55f

SHA1
dbfb0a0f1e8df1817f6cde3644866b30db2d59f9

SHA256
ab0c1a5fe9d266d71dbd5d11d58788a88a1ebb553a816c895e4a145a9b88ea81

SHA512
f777855a745b1a3b4e2594f8411b04c49056a4b89b9315ec81f184c4e7024fc0c77684a7143bdf783b5f962f738afbe9fdd9c8dbdcdec232f86ebee37c8e881e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
988f56c2d37ff788650d65054b410ac0

SHA1
d7634915519a6953734d785d683d658730142c18

SHA256
d2755cbc71cfd54c136ebfab5b9d52f0cd0fe6034daba168da96980ebf886b76

SHA512
faf2e80edc186ce975ec1aafdc44d247cceaabaee6b642f6a4cd5477fd6db1d421a9acc7e26913ed2e5e5d6bf2568c73a5522d3ef22e3c45e790ef933d56635f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
e2e52f68cd6ac6a2f71b1b5afedbdeba

SHA1
05e01036cccb25e5d2555dfa34b7c01eadeaa292

SHA256
358bbb947a008f08aa4d4fd3dd4ed3efa2181071719324a4c9d0bf52ffd5cbf7

SHA512
024d6947863ddee96b2d0715137bb06101019076c246eccfea8e2ee63ba440e9ead3f4729e174a8fb182811ed45dcbe5485cdaea0ba17a2f56299ac330ca7bd7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
119357c04f93a6f9f5e8a266768c6e23

SHA1
8a2f54763226955846ae1e55f893cfd6f9ea8b64

SHA256
ac2c7e0c93df70a94b5521c462fa19dca4eabceb52f8a1fc2308aa14939fd4fe

SHA512
dc1c4a836791c625535e07c0fd7341b18b06bc083f07aac21be3e8d7ffedae05bf5074ae8d69fab9c13f84107a6d4195d5b93025aa0afad6ee181e4473c4eb50

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
47KB

MD5
4a6a4d9d8de97c9bd23e59dea83f36db

SHA1
06212f352a467dff986b1306e43a6db871566597

SHA256
1206dd1e1562cf3252a0f8b3e025eb8e6661e4f93b4d40143faae25348fb275b

SHA512
240dc32c631bfff6d69e5b7968e2617be7541c9cedfe66a99e6cbb633c97c193fc4df33cd4a4fe7d5ac7422e99f7b9703fdae78c8aa3dadba5da9af2bd6c8763

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
77KB

MD5
57054ccba30c2dedde9b6139f72bf37e

SHA1
04d436872be1c702db70b33b56b97b9daa17ec48

SHA256
c4808b176fc686e19da8d088b99f9e607ea2a9040f736397343f8b35e0fc6511

SHA512
615341c2a5eb20bb491996b5a16685a1b11294c3db87d49a33f8a2162a94bc9bd1d529e8d57a8c28232a1154b2cce4b044b089954795a2855621693c2e5c9523

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
75KB

MD5
d69475326a6c6723afa8202e08b9cbca

SHA1
1d943cb898579bfcfd590124ab3d8f356eec6107

SHA256
3686769729a7e8809eefa7cd6dad066486fddbb7721a488ad761b139495bbadd

SHA512
9db8ee19e84eabe7cd76d53ebd5a3fe6524c06a2f346d396e8f679b86eb5187c06445d936f1d3990431f9d566727894b8ba867f65a809435014872e39b67f4c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
25KB

MD5
b4d7c7a6795cc250c816f5ac32c3b71b

SHA1
28f150d36e52f5cc8e5b73477cd68f8dfffd9fb0

SHA256
bc1d37541e8233cc5789b7086296161370790b94fc9f8a8b86491b6abe8976c4

SHA512
b1d5f01068baaa9cd6133eedf02ce80a217376d3bb5cf187f8690647c56685122bfd8a8773494bd595966d7cb657903aec8ca03a8c9442fb628e612e144b1dbb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
21KB

MD5
660c3b546f2a131de50b69b91f26c636

SHA1
70f80e7f10e1dd9180efe191ce92d28296ec9035

SHA256
fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9

SHA512
6be1e881fbb4a112440883aecb232c1afc28d0f247276ef3285b17b925ea0a5d3bac8eac6db906fc6ac64a4192dd740f5743ba62ba36d8204ff3e8669b123db2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
52KB

MD5
c3b00e2296686e73e66e326adefeeb85

SHA1
f259c63e38e32e300e234eb416ddeaf3377e1e6f

SHA256
5cd4e94979263b37fa333b3d48272eceb02402e327d2fccc490f05f8dfd0a018

SHA512
9691a808cc394f496edd695d274e0da1594e7d485f8804fad390dfe8e4220c8f9676deda32310b49deae589ad84601bc049ab14b341524b67f26ae1aa002ea02

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
124KB

MD5
e05e463127394d0b92f392adf8d89576

SHA1
576540911c8e31bcfc0bc5981622abef7bdc3cb1

SHA256
163abc76856e9426f3cfe006d5698018795298bea5d5ee775d730997806f3180

SHA512
dc8ac065bc875d4e4750efe5deb331e9a19fe2b8503bcde4f43b81366e8417a5c1253872f61db8cf9c91105d24455fe46c10f3df81982f39006745236909af81

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

Filesize
76KB

MD5
cc5b32799f0340c6fa380ab08e4e74f8

SHA1
77ea620ae3f6f91badb516456226755dc9d82956

SHA256
e470c474758cd1f5fb8ebda40556bc7c0166db384144f9d6e8ae35f230ab5a2b

SHA512
5b5c63e24481de01c30d272b9305226eb29a7922eda78102890ca5d4f17442525a1cf60e0f752e14b866d88842b40cdd8cfeccd0bc0fd8f1f371cf8e3d8b98f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

Filesize
75KB

MD5
c56ca30c790f376e339060c190d6819e

SHA1
f7e38ef3928a7a0de5ce357ff771cecffed05155

SHA256
c3c31122420b83786a6ccf912349ee9bbc5d258c2fa5ca45723a214ff59e88bf

SHA512
d2034ecc496cdacacf3accd5aa462e2f5a2ebf82813b207b0c4fa866ee459b4359240fb87174b63ae1a551165e6fdc893457a8407c9fd8b0c02d4338eefba8bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

Filesize
24KB

MD5
e8bed4c043fd4b0eca62efdefa4926d8

SHA1
ca3befd3b195545ae4ec7d82fb1082112cd5cdef

SHA256
dcabab3910ef463547b787ecf0a113aea60ec445a95d1409b8fcaefc81704f38

SHA512
b10e42bf5780a599b1778eb3cc52271a23cf91b0083cb3f3e9e68c37f715871cf96afbaf315e49d18460c27bc5793695cbd515f44901251dbdc8bf6c0fa94a97

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

Filesize
27KB

MD5
5b3f09ee34484f0db939fac73068bf0f

SHA1
4604ebac25431e4e13721f9b4a32b821e7dc010b

SHA256
dceeb0c6af63531e4f850156b3f93a7c7d3070d475729f633562a2d4931fe7cb

SHA512
77a1f7ebecc7fb2cccb5514a30258df616db702626af8fdb4c92985c5dbb7119b6deb59ef99e8804d1f85372636f63c76963aef99cfbee30daf4159ee9448c34

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
55KB

MD5
929475c9a6b2da5b7d8b548285ea2fd5

SHA1
f0d2ad090312afdf5d0394ed1d5add4dc1cb1493

SHA256
e6eb3b9131d2678cfd8696fbaafa122edfb9cecc8a3cc9376696e72531a058b3

SHA512
fe9bc1b56ee26214a38788bead688799555b133eb4cc260a06819ed5c8d1508b2d31959aadebf15e93b0e737b189b1ef389f134f7ce251b7b98ed62a44d6e0ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
36KB

MD5
c84ae5e276a02a0105b0ae8cf0dc0723

SHA1
912d093e37e78f57cc5449ff1ea9d2a50dd08b68

SHA256
c576f06b1b48aba8bf583507cc8f36bbeaabece5a45dc218a700610b53e3a390

SHA512
0dc8ce0fdd1ca74fec641550c037b6947b68771dc46ef59be9b84bbf5caeb8a05e053bcc27399d79a9478074cba18323f90c05ea3c11d2406b3d2b4c6f636df6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
36KB

MD5
35deaaf5ad991740f982d8078f21c9df

SHA1
5c67f7a044ae5cbc85ad0455e11df64bf186c439

SHA256
566b6b76a5fb5cc3a79d977027f1e5e75b9618ce1dbf2a28c5ef614ccd91de2e

SHA512
820b92b4d4eafb0d6b3bd724e2fff42d0542e17bd21dfbd278d71f950430784c9fc445f40aca901f4be13b1ef8450454323db2cf38283e3dbb1b24b6247ce994

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
36KB

MD5
de650443d5e73e7b9ef28b8a2c8f4a47

SHA1
f66595d7af8212cc1acb077bb54ff6a4bce4395d

SHA256
d0c648c686e62879282a88cadcfced98184528d06504d0c5cd437153d5e2b38a

SHA512
55a3967a8c936295cda523b7ab2c0bbc7919031351686ea1f0196c50d777d72864ab139c68a83081f65a455d87416968a162f033be812486c13db6f7ce1192de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

Filesize
38KB

MD5
2b7ec9fe5044c75348bc52964bf50b78

SHA1
039e784c53ba423877c5c845ffb044abbf4c110e

SHA256
71c9403962b1f930169325d2c812125a0088d2a695609486bb6f31185e84ff97

SHA512
92cb64599e198177093bda32e1c962fdccaa049d9875292b97c6b014d0d0afde750dcef27151751dda3f8639df41bed611bce7816c04d4e581b17b132d169016

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

Filesize
20KB

MD5
4f1934b4792140000aaa9baa45441c99

SHA1
a3d4e020899ab35d6c4c2f3d470b31770bb6b5d7

SHA256
420961f937bc6130f4810b39a1ad51fc7ec36bd6ae297bd2d943b766d39e2082

SHA512
5ff9f64fa8b58fdcdc823784608555d32759f38c575ce143fe0b5647d5305eff6b0d13449c3aeecb2d9384b6c9b2b7e792ba4e98d1b805a32a1026169b8f6bae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

Filesize
21KB

MD5
9ed6db35f49b7c6758e142b051bdbd06

SHA1
4b177eee5b7a417da02c84337375e3c835fd81be

SHA256
eb0e3db8eee4cd6692911566c04e17654f0281b7c7302017c03a904795da5540

SHA512
1e4661061d705c5d76f3138287d9350fcac4abeeb1b53beb199918ceb7173046037c760cefd3c5854bc48bc88211d7d313448a177bc7b593f452df1bfb80a291

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

Filesize
27KB

MD5
fabf824fda1c8b0e078b52a3940bcfcb

SHA1
2728040a2723a88d92a0bd57d6221d9f9d87ec5b

SHA256
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf

SHA512
e1a24f43968c89cf8654b33e1efa2da0fd3147bfdc5669a77c8615b1935c63cdc2838869a991f9ac25ec629581ebfb3624d3f9d2f77fadb24eca062ee560a903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

Filesize
628KB

MD5
fc514721cdbfb943da3e2f0a83af8b9f

SHA1
c5de6f322ea73bfb2b19a718052e7f775257aa92

SHA256
1459a4c2d036e9bf1a897002f1e18a3b502c9661bacd06e616bd08d422058dd9

SHA512
ac187ed43d91ae14450749ede391650d8cde034726ae2e96be2fe9cdbe03ee60e958579e13e1d5fa5f9e304dfaa5aca0cd77c38ceca9e305adb668d0f97463b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

Filesize
27KB

MD5
fabf824fda1c8b0e078b52a3940bcfcb

SHA1
2728040a2723a88d92a0bd57d6221d9f9d87ec5b

SHA256
09390420931de1a5876504eb4ebc8af93bd0464e7837af05c971b8afd33f6dbf

SHA512
e1a24f43968c89cf8654b33e1efa2da0fd3147bfdc5669a77c8615b1935c63cdc2838869a991f9ac25ec629581ebfb3624d3f9d2f77fadb24eca062ee560a903

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

Filesize
19KB

MD5
b493b15ac6365707289149376c46be3b

SHA1
ff7f6ad6aba318eabb9f549fc65cd8ed1a666596

SHA256
1a8d5cd982c8f774f8d3e9024812353f1fdd9d5033e20c84bb57aedcd473b236

SHA512
2f6d4b434589697fc8104f5dd1e9f8e0bc5e881b6bee44e4ddf410a71e2a4f1372b60a01d2dd627aeaf961c916fd6074704199b1b8625e78a4c0e1b80d90d8ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

Filesize
18KB

MD5
53d646984c73e0e6bbd8e2cbfb7fa956

SHA1
566e23b608cdbf3214acf8ea12bba360b88e1b78

SHA256
31ba682a01ab317818f45a0f31dd3e0c3a3fa2dc14b4ba126ee142dec9a40e0d

SHA512
c642e55d71282802f85fd94a7131415f001404eddbd04b9e27f2ccce4bdce6b71a1219bfeec8ad5926d3fc1e4bd9fb8bb548b77fede98752d008e0b8edd4274a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

Filesize
27KB

MD5
18feb2e9f4dc3ec84eea7d0ddb0070c5

SHA1
8e2935aac810b85a86c04478e452df3b418825cb

SHA256
c3dddd185c45e414d3bed595fbc08ea6d8ccb2b20197e3a087709d28ef6b01a2

SHA512
0aecf37fc07ebe36bc9d0b1aa00bd41396d2d0ce2fd78d51b78af31eff67835067879a00c6918fa0a65f409efe8c280e41e2d2dbceb2cbd4a63ac6f487c7a8a2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
d723e4fc86127219cb62240a4109d452

SHA1
cd551489b6229269feaec6859f1a00019a994a2a

SHA256
13b13abb08abc8f9ce704f16ea63a3672b4d256d96ab36127e7a7cd0b31e15a7

SHA512
9cf866bc2fff20fd873f4b3f5113bb1d3bd7caccbfcc5676cdbe92a1daec8cb4be5e9f8b8b95fe611c00104aa0c63ccccc99f7d44ed327573dd0de28b67daf57

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
f88dd5ead5f47b1747fbdb0e586834fd

SHA1
ab34a7c34c5b4aea6bbf0aa8f87886c8cdfe283e

SHA256
5963ea4675710d01bd91888b73c15e70a698d754f9a8dc72fefc74a4c4ec5df9

SHA512
97b256a383eee1d070eebfe3bd64c5d9d499b290876b8166a4224f5060ffb7edbe2f1a53600cb8e97360627b38b95628acf99363a0b0db72215556f3eeeb44dd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
032331a05955e119b3ec43375f657ad2

SHA1
f3c2f35f35808b286f42f5c2b7f05809e5521af5

SHA256
5ae4bb983fb7bddb85a96e1a3fa51c523066057fcedf68648814a8ebe1110827

SHA512
24bc40296a7ae9b96e69572ba9cec557fdb928ef831efa1e8eac3676363259a322607deea146844b24a27a17088808a5e0af0e10dee3b0248024b75e68b2622e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
2c03150d47d0220bebfc5ca86fc5437c

SHA1
0dbfd30e3ce58f025b3c6ec961a3f2e7e4def90b

SHA256
ceb8acde8eaf714e5b604c4148ab948cd4cdc2b8c39cbc9ed815b2f798442922

SHA512
d03831a3a7f9430e52edf6b38b3bc69e67cce7204cb34852b12e1127f372f96758316de9b0eb6bd317bd331f9f760d995419433ce0f8387ab2dd79f84c2c2468

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
3KB

MD5
d469d3d8546a4f5e6fc795e2ba2aa3fd

SHA1
fda52fb34620a8f3c359925057d16db1cb90549e

SHA256
089f9a6fbedd5104e905ed3b319897d54e8c5fe59eaedc5f4431826c87d11b2e

SHA512
ed12944f966601737b39ebe0f845f3d537776e9bb596d3751f3e814f6c6db303e216f97a33fe9ff20ca02f347f52118c3fafd0cf6af031dea3702d4a860349b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
c624e140eb9cca7f927a2f4034228bed

SHA1
9991d9245149b027f2afec01b9425434102207ff

SHA256
7e0db9713751dc68f4cd6fbf40c9bed2105e42beea2269df014ae2dc9f1c0c8a

SHA512
a107e8d2340c58dc577658cfe3f35e9731dc6326a1b881f010ce64cec32281bff6b359e9e6dc86501b8d4a387861345d0ba052ed9fa7a1752f996b4bbed251b4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_proxyscrape.com_0.indexeddb.leveldb\CURRENT

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_proxyscrape.com_0.indexeddb.leveldb\MANIFEST-000001

Filesize
23B

MD5
3fd11ff447c1ee23538dc4d9724427a3

SHA1
1335e6f71cc4e3cf7025233523b4760f8893e9c9

SHA256
720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

SHA512
10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

Filesize
32KB

MD5
2fa5b834f2d5e7871acd34096b985c04

SHA1
6ff5f78e7c714016fca5c352a952ef70e4580ed4

SHA256
ebd2624a8029000ac76d4b8f64bf445cb5df0b136be25b534f637b370a42aeaa

SHA512
3d1dc005f6d1cd95d80e67705f1a4b079f7f0fa7a93b73c69164ad5e9d000033e7d3a8b2dca271e8c736d62ab3adc87e2a435fde80dca3e7b5f3d3f8d37d7580

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
11KB

MD5
54ee3b9c4115e4273538e65934b7257f

SHA1
209d88b5df5efe14b78d269bf8cb7cce6c29b8db

SHA256
b4df035effca4089ff440ad470a23e4c4fb324306c8fb47bd9c34f82e3aa9f51

SHA512
a281dc6f9065099d19606e1f35772f910c656b1275e4d757f64bf92db60425134ba61d279d6b605692a2b7ce87e41105eeadef6b9d6e721b26c054b614f28bd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
d9f9f10509b21845b4250ec796592de5

SHA1
a5cbe6d23a87d7641c942d3707b8e752f284afda

SHA256
994b5428809dd7b7c9f5426c09753f58b57eb1d7a70acc48c69028541358ea43

SHA512
698bad8cae4cf2d499321ef02c5f9de4e01b3113fb34c3f74a13ff2f5d638eda5bbff4c0e402eff9484c215d9691e65a13caf788612dbfd2db5be8bd23dfff6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
d9f9f10509b21845b4250ec796592de5

SHA1
a5cbe6d23a87d7641c942d3707b8e752f284afda

SHA256
994b5428809dd7b7c9f5426c09753f58b57eb1d7a70acc48c69028541358ea43

SHA512
698bad8cae4cf2d499321ef02c5f9de4e01b3113fb34c3f74a13ff2f5d638eda5bbff4c0e402eff9484c215d9691e65a13caf788612dbfd2db5be8bd23dfff6d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
16KB

MD5
ac3e20d6b24077a95402d0f73514bae1

SHA1
fe0b63ba67cddd4995e6366f6904f66dd94f5ee2

SHA256
0205258afcd51b7e50f8031a4981912bf992d681f64f7cdb60d7e312ac8ea8fd

SHA512
66c36c49450ff0023ff0fe88df4c9233477aff35a275f33c440454f9eabd45447871b9db71d95f3b2c04dd93872022704d9d418cf9b8c3e3a7b9d6b543100a1f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

Filesize
36KB

MD5
4912d795925fe7ec7c83ccf4961b5faa

SHA1
d38ddb267714a858ebfb8035bb258c9699a768f8

SHA256
5364619c0b7e746e36d2d273ea8a57a59c629264321e329a05405e02a73cee8d

SHA512
b94cd7932a0ee7bc23899b4d526285126bd6a4f298e496f664c4476723db409861332b7b22dc918d72e908a147a01bde9764ce9c6f470ccd0d17665baa8fb54e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
6b841b3a5b94ae743fcd09227394bd7b

SHA1
7e46bd57f350f7ff8a1c160038be10fd29e4dc47

SHA256
32b2ecee30930bef6cf8a3206ecd1dbfc6cb9bc564bd276ce4b467e0e5435fbf

SHA512
0bc187cb0e94dc8d80de0a0df316d955ebb759a617e3f54a44e4633fff878e84c2747e8a3fba95e325315737900e040d14a64d7cdd736ecd002213cc270103bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
6b841b3a5b94ae743fcd09227394bd7b

SHA1
7e46bd57f350f7ff8a1c160038be10fd29e4dc47

SHA256
32b2ecee30930bef6cf8a3206ecd1dbfc6cb9bc564bd276ce4b467e0e5435fbf

SHA512
0bc187cb0e94dc8d80de0a0df316d955ebb759a617e3f54a44e4633fff878e84c2747e8a3fba95e325315737900e040d14a64d7cdd736ecd002213cc270103bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c7612d842c0293c2c4a31bcec1e23001

SHA1
7528fe825bb6ce62524fcbfa839c7403cb6dec36

SHA256
eec34f67a5140e806f8baf0a32ce947e1ff79130caf97ee4ef201aa7d0e3a60e

SHA512
2f54abf7916816d39c7080e6a34ce4fd2540db00f3d8e62f5c0d59ea80ab3e02a14ce69801f7afd20bd22728bb33e206120b2e022f9aef1534f5b6b28b5a570f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
96e92e14e68724a07cc6e94bce3533b6

SHA1
82f5aea209db86eb46357c49993ebc3b5c30e027

SHA256
5b38c3f9e664f8577ac482827440413e015d5494140e29505a0b5b338cca8333

SHA512
d164ccee372f83f56b1cd9cad0e8963dea913d30fe3a862153aff376894680e78bea67744e3f0477b3994d92129e3153cc5addb1edf2a46f510dab5b747c8c1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
0de2b661bbc23b3747d4c79823f3f10e

SHA1
bdebf1b90dab1a09e1aae08d552692c8368d5d24

SHA256
0c2b7db186eaac28d5b800f0db6d388f4b793276d276fdb7ba44a943e303fcdf

SHA512
b6ed0cd9d768dad077344a0662e23fb18a2fcb8aae4a2523706e5c799e6f44fa724df9aa4623d0223e97e63c6a629ae8442d780c24ce5e54434f4655036be5a7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
854a0f42470179471f20c663839e2331

SHA1
a5e68fcc1b0abcf007346959b21ff1a4f9007e65

SHA256
c5dd94b28221784261d470f43384b2e1d5e2039dceed940d07003cc0924f0517

SHA512
6aa2d1ea813631b70a8f9626c594561455efd092c4200041e8caefe7b383ee7db80a0c51aa11a7c68046035a4c7c244820f35258cd57e410e315391ab8e33e8f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
ad4dec8e046e6409f06f10db3e400c38

SHA1
7793ec77bdab3e857049867eeb9e0565d27da6f1

SHA256
2e450408bc000f63f54ada36e6376e797738d019437ef85dd1bd707fc215caff

SHA512
5a587b07ea2c30308ff33246310d9a4b5980a29443b5df90fe0afde8773af33d4c9b3df656a72840245769bd2dcfda610bd2ced0f69463baac043f7184163140

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
ae23931cecd1a4c7836760edfc516a20

SHA1
449878ac0e2158eae3c9c39833efee7d644210c1

SHA256
3b0e52051a2cb393c4986322652f74b42a82adb9b2c84bf99cbd7ccfcd341c27

SHA512
1df9e309d7066629b9b1c7261ab7982ed593e1e6cc2593b3165859ee352b4fba39709c44d7e3a49e3a82932c3b2444661cd4f2fd1f824bcc09ac42fe39ef00bf

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
82f6aec51c96ddb624ef9e1ae1217915

SHA1
db6620522f8803bfd39cc7a7da3483d291e6a160

SHA256
f7dc7606a3a792c84b14ca3e793d16b50112be0186be422467ca5699487b8454

SHA512
a758619f552537b2030bc321ad469d38c7fb86e885fd67c1ddc9b1f2f8a8022908d4cb7538c3410f71993c7aa29fe25ebb3ad8914f0f73e8071a18ffe7399407

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
54676af34daa5a4a6b77563666ad55c7

SHA1
f362202ec618434241564f24c0b0dec86845de9c

SHA256
426a7351f1634edbdba9398168be5643aa9f6d8d99fa6975f80508bf9e318a19

SHA512
a379a89401b272d15f39685b0117c7a290c41d6d1aaccaf939ac8176a32a47b85cd51feb90b156f999badcf6667d0bb43cbe66900eeb35b79a5100e9b7103a8b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
357e9dc557fe70797529dcd03b0d3a16

SHA1
5ab514d1842b1cd6489daf2a8f518fb383d68399

SHA256
a579b69e95eea13453fd1275eeca1ecda241f120a9d3c657468bce39e3905116

SHA512
4f9758090879687750d366a1c0eb906fe503c15b78ce438a50bb043104c839ea1965c3b451c0bd66756679cd4655675ea67d47ca7dcf56acc17ffce8bab9eed8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
2719856ac4abcddbf8379cc588bce100

SHA1
affce70fc9f362aade75f77b44aaecdb0c3ec38c

SHA256
1acfafc996081a6fe716d7364ee07bb9fa71edf5c9b3f17654b6f923a58fed5d

SHA512
7883db033c8edb73e8379ffaedd93dbc29356b376205ab6ae917157942b2221f9826bf4c5d31fd8ae0f2580fb25c17fef396c8969926fd5f646d05cecc2e6283

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
dce63558be07d04b8b7a41661e303580

SHA1
0dbe7427ebb175f2bf0212d20692d4bcff41025a

SHA256
e6f91d30b24746ef1dfd273e4717dfe89c4e87ef94f2ccea5ca8136ad3a68c61

SHA512
593a0e7f9f18ee86f6fa57ac212979cd027e3c0b0f5bddf27c5da6014cab8b6b52d0d8788ec5605221732ad42efe5f53f294ffbc235e15356973308bc74d992a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
01c596c5e43fb02fcb2f9151eb920c7f

SHA1
97df0bcda7bcb0aa34af7c904ffd4b99c3dad506

SHA256
ef552041707889ffa00606cadbc40766182e55ba894edf05305829870de378b9

SHA512
d845de0623eede22e7def533df8e663c4d8a593e9c7998b2b6726cfb5ca12ca0603abba20cbcc3dd90ea60b07fd739c3c64a46c31c3080a10b9991daa4faf78e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
9b1daa48978b4a1f5dfb977ca6362fd6

SHA1
4045fac862a5cf725713b8622aee4415e3707f98

SHA256
93078ae0be479532eef64e3d16ee21de5e1cd390d703d0329f9d3782f16119df

SHA512
ee24fb801fdc8062cade587b252b1c709f6564c2ceb319a0eed0241639e4b86aa93a5b4fd04c638d826b9bd28b4bb34a70497a7f50cb52e7708d57afb0f4d2d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
b1174dcdfaa2cac9a783bfe5348946ee

SHA1
520f8ce8b42ced9fb28faf0d389b7ab3583b75ab

SHA256
60562d466403806daf0b2608ea174de18dcfcc2eb922ead4e31f093325f138b9

SHA512
6ccfc9f9baba1188940bcfec0b0aeff7a0da9ad8dab37f76f71500775e19ac8230595d93521e5eab2fed08712eb1909a708ac8a5a8414a85f13e937dcd49a0d3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e8e18147cd8a6b7aa437311ab413ca9f

SHA1
55ac1e9b343981c2487c1e2c96b8ffbae9ec4f35

SHA256
0c4d69956395da50f19b25e5e678a88c9ed59ba79f22dd3aa46fc653fb651225

SHA512
037ee41e2106cb2d3b4cf8166b4c58347ec2f8a48b111631685263d27b75a22d8b0a621f6b919c24714e0f05ae50048931576b34a7cb00f96deb5f9ff122166f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
e8e18147cd8a6b7aa437311ab413ca9f

SHA1
55ac1e9b343981c2487c1e2c96b8ffbae9ec4f35

SHA256
0c4d69956395da50f19b25e5e678a88c9ed59ba79f22dd3aa46fc653fb651225

SHA512
037ee41e2106cb2d3b4cf8166b4c58347ec2f8a48b111631685263d27b75a22d8b0a621f6b919c24714e0f05ae50048931576b34a7cb00f96deb5f9ff122166f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
013a3b755a13beb223e0bdb30be81772

SHA1
189b04302303884a9f60574217f28e6972f304fc

SHA256
c3ed6460399ed9b62df9b1c08390ced47d1efb0e3dcc22f2a8597c7269244918

SHA512
08106499815150aeab978515928f560a6cb12067715c1a7cb417eb44083423e54efec3beb109b17ff7ce1ab82d52c261b199c164ee7101ee4e98656fc2a51142

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1f6120934aa56e4f174955fe9c273bb0

SHA1
82f20251a5eb086e7d28d014a1e0f06ea00ef06a

SHA256
a8e2c590d26488f5b87477cd0faed5a55ddf46cff1d6a817fabf057b69e364b5

SHA512
b08460cb62a0c1b9ba320976322f5fd908707a704c03c2adf38d2926020e7130662c39c81b572dec5a1eeb1ccdcbffd3ed6eb32dee7f209a9ad34285931ca5ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
768c125cb935800516074200be515b2b

SHA1
cc782dfd340917acf15e1c70346e8f17fa906bc5

SHA256
595e33806bcf68ce57d2a3bfe8f303ea067f0ec426ef635fbee747516100cee8

SHA512
48187cbf5c0bfe4afa3374c4438843449114114420087972610ae8f2af2f20e3b2695bbfe786c53e64ae90d3cca0b8f5a5cb206629fc63b5c88bec80555f54a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
1f7ebb3eafa94a17e128db433b623102

SHA1
ab0e468c86b98834e402710937ea6044f1462519

SHA256
5305ab2bddf0c86a3715c24ff656df14f1b56b282372c9d7d92f37b46b302b89

SHA512
dc708280ded9eeb5e7116efcbe72f1657baec7ca4e2838bdbef2dfafe0f66c06bb10fa3a7786831816509411905cfb297c3c023a6e2cbb52cfc4a76c5ff4ea0d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
a9caa7d1fffb21112c0906e9c5a58e14

SHA1
ea484481ce4316c4b643a61e8008208a69b4cef8

SHA256
a2bb65b8ad9a55fd53a9f1e2c1f6309d14209c3cb98044710244edc6a7a83dcd

SHA512
9541647303a95ada08c8e7d3793510ca20aadf8f7c59419cfa34aa01ee39fd601171fd0b65e6caccdf207ab63c32578dc52ecc4a499aed8d50d58232eccd26f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a32005b8d25fd1fcd726d27322574a8e

SHA1
179e880acbcb72c3a247028b070000f925b0e1b4

SHA256
07391b34820468c96b38c2ac0fe002932cc9c2156c743b7228d768d69891c6b9

SHA512
1b9e625e878a82c8ead8cfec71924e2d8e6ad6bca86e59476620c34ba401f52f11324210192ab4fc24894477294043ffa908a451af40f6b1ce68964342d9ddbd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
acaff6f1c6c0226b84c6a8972564bd8b

SHA1
e2d766b56b29eba6c3da065a9603963f716c5f44

SHA256
5ff5996234e65817ce695324beaee2d019317d7abbd97e946bfa32c4f1b70171

SHA512
f6133f253317279e1e3c90cd575dcd16a22534d11294bd5ab6406db66506d3567654335d16b645e4fc12d858f24191d4c594beb178fbc7461311c15673bb400a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
a87cb95228614a260b9ad50ad9d2211b

SHA1
7fa07f21f1bb794924a80552ccb734570e70a7a8

SHA256
1fa1971c74cdf4740601bd512ae942fdc45dc46eabe6d7c06950fcf68da41845

SHA512
c4fcf056e7e2ac213b077885a790fde386d4801f630937a201f31148836dd5b63f8daa8c2eaa7cf87f9a877bba04d3bfcd1d0aa8063a8f0ef112802701140e16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
120B

MD5
74548296628f565313378bf52f9f2429

SHA1
b511c725733ac336331deb26c2d16a0479c98315

SHA256
ffe0bcb341e1f7e97d882b1ea57fd7cc9ad069588792b88da2c56a0df2cc2a84

SHA512
9e01f058e19f302f29bdfb68ea7a07925ddf9cdc72d56dc06d65ef41f91252418476f42bdccb9319be3e5164e8f8df80da42201f5822ce25df40f8b2c0e1be7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58894f.TMP

Filesize
120B

MD5
2e9423eb42d0c97e36aefeb3de6c220f

SHA1
ec5017533ee0cbfd3f9b9822f1c678f225e20cc0

SHA256
1511328b21a2d5fb09fbf9207caaaa5cd420e58fdd594ea41528dc82c5b481b4

SHA512
9030f085c277d08441d95b52a19c748c95fbd68dbe0b43ec59e9ae0e25f9360a100c34b9f3b95071d007fa37e330996f88135273115f15746b1b868d2d9a8299

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
345B

MD5
fe4d92e17bd3cd3ea5e35b532142a68d

SHA1
e3866eb470083aa10e725d029599f8f9cb55658c

SHA256
5e7a3d912722c589dc9a056d5c92df912b8164ff3488474a84711a5f3953c57f

SHA512
d96273d20431112d2d2cb0369e58d7a76d9f4309223595bf7f6c5f20e5540c03af2919259829199ebfd616705d822f48ec6ffb5ca76022edfb8c7495de12a6bc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
014126aaf38f92180c4264acdb171513

SHA1
5f77fee376fa854b3bc0117be12a505f8aba6c7c

SHA256
554737dcaed7de88f9f4c18ea54c8525a5eff031a17bdc988182bcce94760692

SHA512
ed263112d2b4ef40cf0c3b983c1c80f28e283041073f2b1d161c12f0874f08adec51c5c80606e9a1344f8faef4ee4f8189891462653c5be890136968cc39a5fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
ff283377fac8a123f8f1b57721ee28f3

SHA1
addade196036edb9d190385d7357f8620f9d333a

SHA256
cc2600a2a9d0108a4276e52f3da46f3c37a8000cf3f5013c349861d58911a01c

SHA512
17ad9d9d55874cf9955005450818ec15af15f5c0eab2aa4cfe799fa564ab73f4232deac991a125e0fcd44c5e01d04565b3fb7a5f68ae065abe1f0090d1b8d10e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\a4e5beaf-6b54-4d2d-a679-344e6d47fd39.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
437b06a942179e60c6710542b43a1c85

SHA1
7a7d041de25aedf594c34b501ae5b1ba545d9462

SHA256
7d6730e3ea1154394dec9c847c4a8a2789fefdf7503094a0576274d9ba2fddb5

SHA512
335d9bc4964b5a8e513fb9d1ddee456c86037229b8925bd30b836dfbff5bfba647d8b03bf2ec32f245d64635fd0f1cf05fef62131f51617d88598f3c3c00ebfd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
fbcd09931dbe3493b0f4de9e9ffa7f10

SHA1
5a1c509326b34f66c35fe7cc252eaca86c2a29d2

SHA256
298c1d5fc116aedd66e02006862635d1211e718de23b3067b7e48cc0a32864b8

SHA512
e8890ae80c3e3b7b10f626ee10b4b22132c8f5f628ecce39b1b3679c323d07934a9ace5a666463aaf62e2595d47a39ef1b36f5cb40ac4baa9b9c13c4b42ae007

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
b970b614d918a9ab36c0a1d54fc13f85

SHA1
e12646ca50e0758a9a21815ad5e0abf173adac06

SHA256
dd8a510b417ac6928991a67ff8070d62d0515bf52b9076164c55267572d0aa4d

SHA512
60e5f3b7122e3a8d06f52b509e084f6281a81a1b07c2f355d44f4fdc04d7d2d701698ee03e54372e922f92dff5394b074683071c06aa052a13c3b8556ba5d41c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
cf47c0a5d13737d939f82fa0d4ef3a2e

SHA1
c986fd4c6df808e32b631252538a56dc12274078

SHA256
2e44e52316390082ef878f36152c2c2c1124de1e9b093380a62b251c37c53157

SHA512
b85f55fc25fbaf2930f792566a8cd5d7e6befc817f9ae5595dcc6228eb1cafab413b0b03dbb7ef05fd0d92110c0bcbf6e246d8252aa0a6e056f8ac536afef886

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
172KB

MD5
b970b614d918a9ab36c0a1d54fc13f85

SHA1
e12646ca50e0758a9a21815ad5e0abf173adac06

SHA256
dd8a510b417ac6928991a67ff8070d62d0515bf52b9076164c55267572d0aa4d

SHA512
60e5f3b7122e3a8d06f52b509e084f6281a81a1b07c2f355d44f4fdc04d7d2d701698ee03e54372e922f92dff5394b074683071c06aa052a13c3b8556ba5d41c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
e168e543145f8e3b99e829e6ab9b5c78

SHA1
cc4a915ddc641809f803565dc4eabe506d1c4da1

SHA256
0a0d7e15eb8542fe32c9ed06aa3485d37e9acb8ba63d6f08e37079e8fb6d7483

SHA512
e4e9251ae7cbd328ff829dd938d19da016cbbe72c41682952aa671641b7787c4059d494186d2aaeb34545229c4fb3c0292f5a8b3fb8db7182552d85d9fff0038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
87KB

MD5
cb57019cad8e40a4d211263f08cb7329

SHA1
5b39d91235b3ab4e10c7a04a84ef349be017473f

SHA256
1d08013e78b5ecaa743dda2688c36b1c57d0f610105a9ef06d67413e2d99758f

SHA512
2e65d17233ff1219ee638fd81a941d04cc7b8ae8cf6a642d5d329b44b193f244dfd470df59474dfd1e37ca6fcb832de9ee3cc6470cd2b7d626a89313e91302a8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
106KB

MD5
af4314bfc2be31b705a9c7cdf6c17541

SHA1
cfef58e0ea70291df5b3221e5ecfa1d56ec9990e

SHA256
27c61337c07b1e07951b095e80cfbdd635194531af7bce70076fe7d97079e991

SHA512
73f4c812765700e62837925d9bb8607876c7b6ce8fa75c1e8012e42589d7109e17d36dcd56bcf1ad5df91dd950b5812799aa180e0d6893374d1c8518351c3263

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
109KB

MD5
856c5c8895d3f3fc226b7a9194067fce

SHA1
bd502e83941718898905e72ec2bb698831fc91cc

SHA256
3703a3a1d82c44416f6dcde01972ca0faf2c82461a2f170c76d26dbbd10f65e1

SHA512
5e01acc610894cc680c951c2f770ae939647c205a988981c860dfe999f5fc503bf29ffaa375571a412351802c0df2e5d68efd58ec9c21dbecab9fa6e54c3888a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe591294.TMP

Filesize
97KB

MD5
d6dc0855259e05a1c8e7d3a970b20554

SHA1
ea93b70def342b16cadca2088485887716559554

SHA256
19962976be15450605ba94158bec386eb500000c03d6ccb43d57ef6c1802dfea

SHA512
db083798f1a9f90b92c9e60d2f2d53a4392ebca40dc9b0350607c8726cd3b26437588dd932031bdc8599dda1d3c2b314c7223004079e879f91fe3f8a375729db

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\Desktop\results\[04-07-2023 06-12-00]\Bad.txt

Filesize
4KB

MD5
840b21f875dedd904c7a55bc8a3b6924

SHA1
af916d2cc42598d0aad13c14a4c1b4f7d9ba3956

SHA256
cc4c341de21081c64b0dbab811ec5cc5ecf4b86682b5d2d6f838b2aad8657105

SHA512
48b444a9090a71d8e70ee5ae7a4d1840ad654a9533950404d12c06ccf7b921eaccaf3e9c198c0ab3bac27dc600409589114f07a460f791a7b2e3b51e2a540bf2

Download Submit
C:\Users\Admin\Downloads\MCCheckerr.zip.crdownload

Filesize
1.2MB

MD5
cc8d65933c057900c04b62898681c784

SHA1
6c7d8b786502d8a6e8f1fd0b2c1f63182567f6f6

SHA256
48e3fb8f516458440f074d1238ba7a9e572c2a326479617285c203cc925bfe34

SHA512
7ed4e486468219891d33f9a261a7200b95e99c4a3857e79264d36c5ab2f25c1f907fabd01cbca9da9b2e91ae956827c776e0cacfde076cf860de9be76a98fce2

Download Submit
C:\Users\Admin\Downloads\OxygenX-v0.8-for-windows.zip

Filesize
11.2MB

MD5
0d638828bbfbe544a832e4fea68ab492

SHA1
d909a44479a84ae4e019cd19de929915c6fd73f5

SHA256
fae0ad410e0a2a4e8bdedcb9d1b0e1ebb36771077940648d6bc6e8aa1c98ba2d

SHA512
1e22f749d9ed925db7860a86ee6648981378fafdabe0c71cfc51b9d20a091fd13385441f42b57fa4ff85bf2e526be11842d328820426d13aa5ba23faf0e5f734

Download Submit
C:\Users\Admin\Downloads\UHQ Combos.txt

Filesize
16.4MB

MD5
740dff899eb542e622c8be06c00ac7ea

SHA1
17bf37534362756b4c30bcb0a516db9f75694c4e

SHA256
24a1bbdb800a18cd74fc2fe81c898b1bd0952bde2c2f2eb8975b08150c8941ec

SHA512
b8959a38145106c30dfd4d5324db2fff215b2064a4bbc936aa652b6ffe06e1816a96a892b7ef803cb132a7aac536b27ac8cc1a7892f7f0401497c507c9deae3b

Download Submit
memory/884-909-0x0000000001280000-0x0000000001281000-memory.dmp

Filesize
4KB

Download
memory/4468-896-0x0000000002A60000-0x0000000002A61000-memory.dmp

Filesize
4KB

Download