hxxps://github[.]com/x8BitRain/BonziRogue

Analysis

max time kernel
62s
max time network
226s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
02/09/2023, 13:44

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://github.com/x8BitRain/BonziRogue

Score

8^/10

Malware Config

Signatures

Downloads MZ/PE file

Executes dropped EXE 2 IoCs

pid	Process
2308	BonziKill.exe
1148	BonziBuddy_original.exe

Loads dropped DLL 5 IoCs

pid	Process
2308	BonziKill.exe
2308	BonziKill.exe
2308	BonziKill.exe
2308	BonziKill.exe
2308	BonziKill.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs

Web Service
T1102
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Opens file in notepad (likely ransom note) 1 IoCs

ransomware

pid	Process
1616	NOTEPAD.EXE

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2180	chrome.exe
2180	chrome.exe
2872	chrome.exe
2872	chrome.exe

Suspicious use of AdjustPrivilegeToken 58 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2180	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe
Token: SeShutdownPrivilege	2872	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
1148	BonziBuddy_original.exe
1148	BonziBuddy_original.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
2180	chrome.exe
1148	BonziBuddy_original.exe
1148	BonziBuddy_original.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe
2872	chrome.exe

Suspicious use of SetWindowsHookEx 1 IoCs

pid	Process
1148	BonziBuddy_original.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2180 wrote to memory of 2436	2180	chrome.exe	28
PID 2180 wrote to memory of 2436	2180	chrome.exe	28
PID 2180 wrote to memory of 2436	2180	chrome.exe	28
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 2720	2180	chrome.exe	30
PID 2180 wrote to memory of 1988	2180	chrome.exe	31
PID 2180 wrote to memory of 1988	2180	chrome.exe	31
PID 2180 wrote to memory of 1988	2180	chrome.exe	31
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32
PID 2180 wrote to memory of 2732	2180	chrome.exe	32

Uses Task Scheduler COM API 1 TTPs
The Task Scheduler COM API can be used to schedule applications to run on boot or at set times.
persistence

Query Registry
T1012
Uses Volume Shadow Copy WMI provider
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware
Uses Volume Shadow Copy service COM API
The Volume Shadow Copy service is used to manage backups/snapshots.
ransomware

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/x8BitRain/BonziRogue
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2180
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6919758,0x7fef6919768,0x7fef6919778
  2⤵
  PID:2436
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1140 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:2
  2⤵
  PID:2720
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:1988
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:2732
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1588 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:1
  2⤵
  PID:2516
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2288 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:1
  2⤵
  PID:2544
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3228 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:2
  2⤵
  PID:1316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2556 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:2
  2⤵
  PID:2300
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3256 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:2904
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3768 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:2688
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3996 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:2184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3960 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:568
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3760 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:1616
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3364 --field-trial-handle=1160,i,10472196413392047991,6562615397914943037,131072 /prefetch:8
  2⤵
  PID:1196

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2224

C:\Users\Admin\Downloads\BonziKill.exe
"C:\Users\Admin\Downloads\BonziKill.exe"
1⤵
- Executes dropped EXE
- Loads dropped DLL
PID:2308
- C:\bonzi\BonziBuddy_original.exe
  "C:\bonzi\BonziBuddy_original.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious use of FindShellTrayWindow
  - Suspicious use of SendNotifyMessage
  - Suspicious use of SetWindowsHookEx
  PID:1148

C:\Program Files (x86)\Windows Media Player\wmplayer.exe
"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
1⤵
PID:2864
- C:\Program Files (x86)\Windows Media Player\setup_wm.exe
  "C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:1
  2⤵
  PID:2848

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:2872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6919758,0x7fef6919768,0x7fef6919778
  2⤵
  PID:2076
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1184 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:2
  2⤵
  PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1516 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:3044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1596 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:2932
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2080 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:1576
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2072 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1184 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:2
  2⤵
  PID:1160
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2396 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:968
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3468 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:2936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3584 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:1948
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3876 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:1404
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3976 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:2056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2560 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:2800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2072 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:1044
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2068 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:2804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3828 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:1872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=892 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:3064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3872 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:1556
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4044 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:1108
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4172 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:872
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4236 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:2196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=576 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:1032
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4208 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:1
  2⤵
  PID:304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4052 --field-trial-handle=1204,i,2755080989041138050,3589138386805864247,131072 /prefetch:8
  2⤵
  PID:2196

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:1716

C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\BonziKill\" -spe -an -ai#7zMap23945:80:7zEvent29486
1⤵
PID:2196

C:\Users\Admin\Downloads\BonziKill\BonziKill.exe
"C:\Users\Admin\Downloads\BonziKill\BonziKill.exe"
1⤵
PID:2224
- C:\bonzi\BonziBuddy_original.exe
  "C:\bonzi\BonziBuddy_original.exe"
  2⤵
  PID:2780

C:\Windows\system32\rundll32.exe
"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\Downloads\Bonzi.acs
1⤵
PID:1436
- C:\Windows\system32\NOTEPAD.EXE
  "C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Bonzi.acs
  2⤵
  - Opens file in notepad (likely ransom note)
  PID:1616

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
PID:2200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6919758,0x7fef6919768,0x7fef6919778
  2⤵
  PID:1192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:2
  2⤵
  PID:2364
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:8
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:8
  2⤵
  PID:2536
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2248 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:1
  2⤵
  PID:472
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2260 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:1
  2⤵
  PID:1200
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=2528 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:2
  2⤵
  PID:2996
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1480 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:1
  2⤵
  PID:1564
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3420 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:8
  2⤵
  PID:640
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3408 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:8
  2⤵
  PID:1060
- C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
  "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
  2⤵
  PID:2932
- - C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
    "C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13f487688,0x13f487698,0x13f4876a8
    3⤵
    PID:2056
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4004 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:8
  2⤵
  PID:2784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --enable-chrome-cart --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3856 --field-trial-handle=1252,i,16590739589571130468,2094202568919621382,131072 /prefetch:1
  2⤵
  PID:2356

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:2704

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

Filesize
344B

MD5
7646750c8d898babaefb80cc9268fff5

SHA1
7a9531500c0e31555f4ad3ea3c5a3a2523e9517d

SHA256
88aca572af5b669c8bdab0a168455cf0af9dee746ed4f7f0d5677a6ff7288e40

SHA512
2d84a8b78a9c519bd83a18edf934bee4acd23a7c7ce103233c6c7f3017091e4dd06f6bb611fb6339278e424dbbe045685d817646f6d5179a0fc9cbda348f7b2a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0f2125c1-1876-48ff-9101-f81fadb011f6.tmp

Filesize
97KB

MD5
3edb0c216ba06d13ecd91d0bd7b3609c

SHA1
a0ae0a43bdad6293843d82100cc6e573b9c0664d

SHA256
d2139f43adf691489ce394b43f4eb6f612d96c2e87d17178e51adef5ac31eb7e

SHA512
eb68bfacf2652456da17331c2973720e3ea31dd1a271e942c80e4672f22fd350c06aef4420c012c4eb7b974a4087f8275129ac0f614b1b8514b2e078796ff6fb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\196c19dd-060b-4d86-bf62-5582ddd79086.tmp

Filesize
190KB

MD5
b3d543dc38cca1e46a63c6eb874f59cc

SHA1
26030790ff97400dea159a9c70255efa6113d2a5

SHA256
5f0acf2981fc7094bd701bdd226192d5e6de7e3f18d4c673649cc9d054285110

SHA512
c330c4a5b53b8cb6865c5825b25f3743b45033bde25a016bc158f8b18f1a104449168df562849b840f7f6c183d81be880bdb81e1397f0ac8843fc5419eca1a05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\6abbe37d-a0c9-4baf-99da-00aa4331c403.tmp

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\71e8260b-ae37-4428-a952-83a89d9dd457.tmp

Filesize
97KB

MD5
bf3b21c32262296161dd0d5b1ee57ce4

SHA1
264635e64457fa5415c36262890e438954049813

SHA256
2e034cfc82ec0f2365189272dae0f493b064e6e1606d8f3f6da8149f42004598

SHA512
9a74cbeac387877cb55aaa787e5b204989a4679161325ddf94f149de049d252c9560b82b470907ac9e4bf669dd52fd96855a6b95ac0ee6773dbe797339b6a0be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
4977ee92a9962d176583e46ddaf1b835

SHA1
279476bffa0298e641fcb57183ab9d6810026a2c

SHA256
7409375ac9c5e32b1d27fba7d6f93ee7dcaaa7848e1b96de944b97bff42b4497

SHA512
8b93f2a41250504b791fc379e524952c7013479404fb02dc7f065443e48aa40079ea3215c0b1ddb8dcab55d902ed97be378694cbbb5911df0d6776973c1dfd61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
4977ee92a9962d176583e46ddaf1b835

SHA1
279476bffa0298e641fcb57183ab9d6810026a2c

SHA256
7409375ac9c5e32b1d27fba7d6f93ee7dcaaa7848e1b96de944b97bff42b4497

SHA512
8b93f2a41250504b791fc379e524952c7013479404fb02dc7f065443e48aa40079ea3215c0b1ddb8dcab55d902ed97be378694cbbb5911df0d6776973c1dfd61

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
542d932e2fa42a1dfc0a075feb6f578d

SHA1
094758f4768bffab2c00091fbd8fe195a7f80d69

SHA256
1b4f643000306d355f5bb5007192f6ec5bcabac2216137695aff01e83bbd9e3b

SHA512
6c796cc89268e826a5ebfc89e71292cf19d381c9bd6396d8703a2a0ef47da07614ac39783424eb33f24b3facf5e8f2a2dc8fe9942ee714c2430f23b0225c92f5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
1KB

MD5
f281d600bf4391c04afc9720f9c43995

SHA1
5d6f81b2417c623046fb798b9d6f29a588017ab3

SHA256
2c994bf5c0e69596d53fe48dd480b6c71289e310902e15ae9c4c0c1dc406964d

SHA512
ddfd9f869ce3bccbb88476f8b7f2f3a031030a55535e68b16f2138ea2d44da4c98b83ff7b0c052eb650b9f6aa3c9a7be0af3467281676956210558a33d7f2148

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000011.dbtmp

Filesize
16B

MD5
6de46ed1e4e3a2ca9cf0c6d2c5bb98ca

SHA1
e45e85d3d91d58698f749c321a822bcccd2e5df7

SHA256
a197cc479c3bc03ef7b8d2b228f02a9bfc8c7cc6343719c5e26bebc0ca4ecf06

SHA512
710620a671c13935820ed0f3f78269f6975c05cf5f00542ebc855498ae9f12278da85feef14774206753771a4c876ae11946f341bb6c4d72ebcd99d7cff20dcd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

Filesize
20KB

MD5
463e147a3136e842fb8b002128372919

SHA1
a8db2667b0d4bea7d7c97daf9581e378c8dc7f0c

SHA256
a39ded846e447679751e7ab63f142ed635b16da623b84b1d91af864d59ee5155

SHA512
252f6f6a578283fee747c8b3fc4ce7bd22088494e6197775716d03202ef93125f38f7be2415dc1feb2c6c3b54c308dc3c92c81a6e38676151aab5b531e4039fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000008.dbtmp

Filesize
16B

MD5
589c49f8a8e18ec6998a7a30b4958ebc

SHA1
cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e

SHA256
26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8

SHA512
e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
148KB

MD5
8f6676ef54fd7d86c5a53f30b0d0891f

SHA1
e5c61ea2e76e3d81f982f1791fce47974976ef55

SHA256
576ff4ed23b4e6dbfd599be2945b34edd011a8f670a5d49245f03aa0a8496a55

SHA512
8931783fd20a2a2babb88caf8b478c642a58c8966d67881b3ab18a7925730d1a7c1112c9dff02c6a69c58dbe32eb22a682c4ab922adb52e7f5d335b655855b36

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf787abb.TMP

Filesize
16B

MD5
46295cac801e5d4857d09837238a6394

SHA1
44e0fa1b517dbf802b18faf0785eeea6ac51594b

SHA256
0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

SHA512
8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000007.log

Filesize
9KB

MD5
35bbd700dbf6d5dc601e64d70cdacbc7

SHA1
f3ad12611ed6863a51ce2e0ae070026545787a17

SHA256
fc6ad55fa376d5bc544223b30da52ca6e847786c053eaa94e8d0df28db19ae51

SHA512
3b78c38a5f11404dcaa7fea503c1ff8f78184104411904d3becb6fe4514b8181c8b7998e26b7fe5be84ed43c2a25398c53a169b548dfae76a6c013f95fa4ba19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT

Filesize
16B

MD5
aefd77f47fb84fae5ea194496b44c67a

SHA1
dcfbb6a5b8d05662c4858664f81693bb7f803b82

SHA256
4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611

SHA512
b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

Filesize
136B

MD5
313875cabfb34dcf65ef2638f3e8682d

SHA1
6540c70c9ab6a87bf330579bbe9c1218a67fdd3d

SHA256
f68de9d4ee337c1b835ad0b17a89df06ea8d65980668adc439086a53608016f7

SHA512
c32a527a00560d506a6201a7aaf29cd37c82a5edf76506f2a5c75d686ca4ad1d532a5fa21cc85132bfa72c4f6940e435b29e068c2be95e8ed3e8c230601f902e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006

Filesize
50B

MD5
78c55e45e9d1dc2e44283cf45c66728a

SHA1
88e234d9f7a513c4806845ce5c07e0016cf13352

SHA256
7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec

SHA512
f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
2KB

MD5
8d19fd47c589701cb581d180c11103a0

SHA1
aad7b3119c53964fc7cb5b30c67d64f0ef31e85f

SHA256
4d390d78973821e278affe791f6533195229f5913a7d45e4dd7e31dcc951e8af

SHA512
433155f98c15886959ca0ef6e65370c8976b4d8ca1391e2a3985857640a3efa05e3e7266e5c552f157d6af29595198682a4a0a763fff64ef61b50eea08a866ab

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
1KB

MD5
8b444282c618d96bf42ea0921da94db1

SHA1
d066ada7b723ef6800ff99cd9fb115f9ca528018

SHA256
766325d0e4085ebe18d5194951b4bf0df881a2f19ea09f502867e4937130ff32

SHA512
596a62cc905962e7c7bb5005fb0f749d0b699163154e0b85c4292ba56aea6bc84f0ed691d1b54202354ea8f804ef3ed7f03f5a0ea3c230bcf6c9a78eb16414ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
454d7fcd6042fabdf41e4794655d96d3

SHA1
e3f5e23b41fa125928951257cb95523a06f81c30

SHA256
0e0d8febfe5feed09f2dd7bbce6fd243892ee78b1d322e114beab77adae42e17

SHA512
4a9b6c475b089076e5cf981d515e5de9fc311896b02b5600d01d7d121f15dfe42a589667123b8b969b489463f2a4b00b5962d9590ca98c1462e03d6e00ad61f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
a6e9f89344de70efe890d2399e24946d

SHA1
cab88214a887e1234d6e99d878b1d1811feeabb5

SHA256
b1202bae6b60aa4a78292a447bebfeff129a4ece405c80a7beb72441f1a01066

SHA512
4f4e5f7e63c2dad431326444cd2115b1c158d71da453b2fab970bef388dc899be1348dd6abcaeda260bc0d13a02645b725f8501e471aa7dd3e5fc5de87c0f5e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
be1d044db17bb219d93f8f9fd687a6ab

SHA1
5919c652db6d72d77bc1732c65d016aeaf98592b

SHA256
c9a42c352a2c72d6b435c648e1730ed8fc708bb7cafbc8628f0e389218150483

SHA512
3fd82f6537a5c76c5a4c43020e088311188ebbaed558835e52f98f558ca034c1135f57d73f46c210ae8682cdea57a329b5f29547b7dd94e06521de77a17a25c8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
49a1bbada661a6ed95d5636a1c8b62b1

SHA1
18229cf92e327a7255a02db48f690485f4853add

SHA256
c30e17aa686d486135dfd576c52920c2f114182b505d504d078ea4aad29d457a

SHA512
eabe43d36ad6c7d2f3ef85c60d70a8332750226f880df01bb343c34f8072d0480d165e72e263193df4fc05d53003e1ed6314fde79162a74f5a900bf003f7593a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
6d4f6df0615446a6bfc31f5be90f1a1b

SHA1
8a62b8cdddc817418d745a514b00868964733ee3

SHA256
ae56464dbacdb1ab865bf88c5e58713175d3423fe81b9d47a54b13203f794b1b

SHA512
9ba9d6e1390e6eda6dab86e14b1cbe9de2d13fadd19f8e7ac39a7706815890e95bef33e3a850fa11cebfd28a6c21e33bf7c6828dff209e0ea2de72a6bdd51ae6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
ba32576ef0cd0e7cd3f77a07189c2976

SHA1
32f80ae96d39dfbfe234e011c4cdd2f4d0e15ef2

SHA256
92c9f2e76824961a858acae1d16fb9d72178f492e1a144b04d3badcd9bb74550

SHA512
6cc23879eeb9c5ec84b343e1044b76843832ed12db3103df3924e3e42ffd2396e9725df11e11141d0bffd16e3987ac5956706c267f8e8c821817e1e3b177af09

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
c8594f637c0e86e1cc93151db8a5c21a

SHA1
a45c21791b6a3d0053fe56c4cfa765a9a5476628

SHA256
34418a3ea33d83e611eb31acbd8b264241ab7ff2a28d3ede953cacf510803421

SHA512
fa786ba6e88f4afe9afb070e26e52a9f1ee90e56f8d05242c7c3c2f11402bc13fc7b9d3b021575d0618301806a03aefd567466105c9ff881c12503e2236c2142

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
af6b60975554046cbc253489a2bde04e

SHA1
ef56cf6cf6f96c8372813037a2fab3aa0a64ae0f

SHA256
03fb1780a589d171b9040f0497dc2e732156749bc0c03b21c273048c835a99d7

SHA512
6c0487d1b42108ed15f2f69c042b6add609bcb0bc044b6904ea047f2f6f6a31d5dda09794bee5640fd064e37b8b84d8b79a4e2f4c79fac3439ecb4aa49bbd9b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
4KB

MD5
a58f305ee2abf437599a58b648b19e6f

SHA1
0498dda29e6fa5ceba06a6d554a28195d2c2edfc

SHA256
f843c6e7cc274950ba621ae3e7fbd6e21d75562e07b299db3e0148a29954ea17

SHA512
27d7e9e29ae7b649fce61ccf166e2fd2bec3c3ac57d34513bb159c593f7c12d80b107317818cad6b6daa1450c4b923e3d004f2a3d1afeceb83ef2ec3a74bd037

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
5KB

MD5
50f6294a3f4b394615c1ff8664cda302

SHA1
6577305beadfdc834eaf630c9be1195da7d3b76d

SHA256
b6fabe0f0372286d337ecc0a572521d478022de7ef609e6e78c01b744dba0c25

SHA512
b9db7b14680924e89a205c4d9dc0e7ecc9b7c35e494c66429b150291260fc05908779ea6f01d527279d2f2dd9c4ae1ea8247a3292cb1e8f49a91b57d6019622f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
8e3976ece69707431c243647b18621e6

SHA1
62816c36e4595e261bf85845b5bb7a77df5c985e

SHA256
21f263e3898ec783c6a06f209cef7ebd8deb4c3b334b37156f083f25ce227edf

SHA512
e65142f72663eab8bd19897a7ee39b129026a7b6f92d3fda0e979d3b52f558fe5b6f3f7980a1b653b23811b2603fa694740baec8c766c22e91b019d9fcd6097a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
0a1df6a19040937ceb3047278ff51171

SHA1
37aa807a84ee057b7bffa8d8e8835c1e2e6b1dfb

SHA256
92c8a148a3fe936dfeb3921a37073bd830b23a98484532fb18ff2bac7f6da23c

SHA512
425096870cff9a1e41c417664f5cb32f30149a2e71399caf15557ed6363d2b919f112f8732c812742e5e76fe921c6070505112516e2e0a50a82e66330436b696

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
982a17212638235b59f12dad1b7f8c32

SHA1
4ed1903ab12ab4d2a2c92f854137055f2f66999a

SHA256
ee9ddbacc7d532c5b43f66fa26420a34e6e226a093533dee9c6f204383dff9aa

SHA512
0e65bd85b7301f898b7483aff7b1893c270549a87a2899bc223676920bf85e395efd6bb1611d5728862ecc8975f18f6abb35ab7da6091ff6d81f0186cb7c5d6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\CURRENT

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

Filesize
247B

MD5
e598372ef46fa261045662acc55c0254

SHA1
6622c0f89adfebbf1a2d2af20036158fa6fa457d

SHA256
60a7b6030d9cc4ad325293f5c8db5ea11e5b01de403224e6b4dbfd2c3751bc78

SHA512
a4b5a13bd9c46335f7b164fded2311dd3ec5cc5effba66054b98a0bfc098a2963fe8d77a144fa49dfb14bbff749afa5ea2bd06e7185270e694ccb9d1343e9692

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13338135878166800

Filesize
4KB

MD5
0afd28fd82d11b8a51803644915facc6

SHA1
9aac97baf3d96ef9939cb288da5b828fe12480eb

SHA256
535ef4c4f4d465e95a6322abab8fb53ada934c79a6763167f8d6ed7321408e17

SHA512
f5abc3bb42304c912855e0b66bb5c3e2409b08273765b76ed6e64a190ec009981f0bfa9520dfe556258d59e0f6c5d98c6c46acf082493fabf255a1a04cbca153

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000008.log

Filesize
72B

MD5
186693f46a40ad6a9e62569d83066637

SHA1
d83a339b034a6274db352bb1d93a084b4d4e93a4

SHA256
0271ca9a4e871f58efc51785e36e9c177fc71fc19f920b7526582d56dace48f8

SHA512
b5fe3cc2b5cea16ed76c15e044cb74733ca2003a21e75ae6408abfe3dd9df797469c3b47cb60e35025cd2a477a81b26ee432e61ef34651c688f8ce0624a65428

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\CURRENT

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

Filesize
136B

MD5
b16e43a87fd4b6c7dcbf0e1570eb6d7d

SHA1
363ec25db390cb41a100b688b7b55002623c89fa

SHA256
7570bacc82f58b3f2d5d8b4c0e533c1f2ddd0e19b5b62ff7f46e4dfd231c962e

SHA512
e5234c6540bd849036e4b349d9f3ad0936c649073be2ee495ad6b15b9afa117d83a4ff59e09f2d6c96d502d6aedb78597ba6918456a0ed2f64bafdf6bb2f9d0b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007

Filesize
107B

MD5
22b937965712bdbc90f3c4e5cd2a8950

SHA1
25a5df32156e12134996410c5f7d9e59b1d6c155

SHA256
cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb

SHA512
931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000009.dbtmp

Filesize
16B

MD5
979c29c2917bed63ccf520ece1d18cda

SHA1
65cd81cdce0be04c74222b54d0881d3fdfe4736c

SHA256
b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53

SHA512
e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
136B

MD5
9c1636e936e36526bedea9dc00f7064e

SHA1
0577b8607c91300771f181d5c52e5485b23438d0

SHA256
d051be48dc2e8e776f05b3a9b4b480df247e7b63da12d17127c8c877ee2fb40d

SHA512
fcffd87b1b467c87ff39449e99e65ec25b360b50e48a64ac88f8aefb48a4050abf1cad46f423b2776913e05d4c18af26d6773d0aa0ecfa3c07558b6df80bc8c1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007

Filesize
117B

MD5
2ac0494b5c4c6d605281ee87339a0cc7

SHA1
6ea0fd5480bd086ed4110d0622388574f0222666

SHA256
53161ecf97484ce07e22fbed3f642f3c1daec51a22b84be407522e5d38d2afbd

SHA512
77c6a0422b17b90dcc84094e184020613bfc7f71f07bb6fe15a68f48330e7b374c5228d65606341248983e3ec17c9b30a61e31ebdfac73f7e6abeb9d2b5f8f7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
6781553db9589d2bc6bf8058bdade1ca

SHA1
c453d74654f730ba4381f183110c4cd9f40f62e9

SHA256
35fd186e979168ad6d7d5af8d2e93b2e920a7e4e4a03e67c8cae418548cc6471

SHA512
03523c268caa4729018b55d25c7fd6c815af83b2faf92651a1ed3d735eb4bbc8c6fdc60264efe03c399b2fe0cc6d5530d630fe87b80c960c46579cb82fb934f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\adbf0408-cff2-4905-953f-1ffdcf53a69b.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b8130451-e0eb-436f-8fca-2b60858e6b4a.tmp

Filesize
5KB

MD5
b67f82e73ceced52fe4fb09de5f1854c

SHA1
7b47012a8da2d3b6b15c0e543d5e8102c8fb5e56

SHA256
dbbd4d751bd47a217a71143b86eac18f7996cb32639186963a960c4bbcc64109

SHA512
b7a4665be704cd8d3afbc6ed5bf57b1817af62748c407c3f22937e62446eee88d5c3a8c3258927e54b058f5b4486fe2ffd17e5f560f0fde170b5499147657ff1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log

Filesize
3KB

MD5
77f8f541a0d32a02a0ee6c78dbd715d2

SHA1
61fc3c3f9e79b1363e9a7d0f61817550c19d2418

SHA256
10bcdf42c99aa44c17c3c150af6cb367ca7ac0402a4587beb01b567975cbf651

SHA512
08d3b5d08e801992b3daf05c9bd442a126ab62d6844af5349dfa4cf6f78b104da35eba6216b3bcfbb23a7e511666539c858a3a043e8322365361df3145bea82f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000010.dbtmp

Filesize
16B

MD5
60e3f691077715586b918375dd23c6b0

SHA1
476d3eab15649c40c6aebfb6ac2366db50283d1b

SHA256
e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee

SHA512
d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000013.dbtmp

Filesize
16B

MD5
a6813b63372959d9440379e29a2b2575

SHA1
394c17d11669e9cb7e2071422a2fd0c80e4cab76

SHA256
e6325e36f681074fccd2b1371dbf6f4535a6630e5b95c9ddff92c48ec11ce312

SHA512
3215a0b16c833b46e6be40fe8e3156e91ec0a5f5d570a5133b65c857237826053bf5d011de1fcc4a13304d7d641bcba931178f8b79ee163f97eb0db08829e711

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\CURRENT

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

Filesize
249B

MD5
68dfaf1c626d10ee6954863370015e3d

SHA1
c91a7fb11c0ff98614d334a68516eb17cf84eef7

SHA256
423b288d0867784361cc593f25eda6aed30222640a22c045ed8b050de5117ded

SHA512
d0f692f587f3dc1632c089cedbb1510958ac4c274e5038b03d6bcec245d2595a8655fbcd7c7e3722bf71ae6c20d1cbc09dbf75be9aee1ff0351c8d0de1107f96

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007

Filesize
98B

MD5
005293bb1e73454e3968ab76c06f2aaa

SHA1
9f48bce729179b292797f65583d43af84c7d3f12

SHA256
3c64a1e8e11a2a039c6f312fe4500d3e2f4d6fc7898ab8fb2c285f0c0754a852

SHA512
b6de68c6b9397e27ebe96cee1b794421594000ecc8c339cc067f5d64bf14f6084aacb58fde25f8583228edd93741b54f61b38ad5af816d65dec49841bd3acfa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb

Filesize
317B

MD5
2459beaedf89336b35b46e81d398e1ee

SHA1
97b29bb57aed326e60ad64953ca96dc0aa33c37e

SHA256
f8c592bfaceb32c8cad228fdef38482c5d6b4cc058ae0668f69880e0590c1051

SHA512
7c08b0b06d6bc76ef6e8a5b7376cd75d5dd9060cace183e3096addf7756a989e8680d7fc2cf3811beb7c9cf0d268ccb77e1d1e96826300bc6f428230be468af6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log

Filesize
34B

MD5
12275f46db968e27e4edb23a4517904d

SHA1
1bd41f5f55dc8532c45c5ed91bd0823deabe3d3a

SHA256
0b9769e63620205002586d7dbefa19d6c3573ffa65bc86eb49113ec271feea4a

SHA512
084364c331be5c6b8c537a6c56b732ccdbb45f0d74a1e0ed89ac195e9ae43e15f15c953e3ed188990f0abb7e0e6456fa4b6b34562a02c180f7c061a7728c8b66

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\CURRENT

Filesize
16B

MD5
18e723571b00fb1694a3bad6c78e4054

SHA1
afcc0ef32d46fe59e0483f9a3c891d3034d12f32

SHA256
8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa

SHA512
43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

Filesize
249B

MD5
fbdfb34f24a273d1aa375941b11a86af

SHA1
803a1ef123b24f242f61284c305faaf596e0c6c8

SHA256
fbaf0c8d3a77fff821cdc09ed16702ca21410fa61da4ae3cde6f15a0a6f87709

SHA512
cd26fd02c987503247e100787c7d9b65387424e2a91e0755b65962d2e7a78380445f5e217ab099c2af15d0d51ed14373ba91373d5a6b0697d0ae0283c216640f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007

Filesize
118B

MD5
799ec7fe3eea5adb74029f4b64b291e0

SHA1
aa50caa4f5631ee0d6f6ccbb3a6ed3e36482f11b

SHA256
a8f16494d87c4a3b9292d978a0a75d60c6672e96dba1d92d659b6b8267b89f13

SHA512
0e28235a8986a3722ab5b118f9c15773819cf71441abef7c36902da65a6662e31d061bedce9d8409eb63de33647a637aa9efb5660f97cb20574a584fb23ec797

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
9eae63c7a967fc314dd311d9f46a45b7

SHA1
caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf

SHA256
4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d

SHA512
bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
190KB

MD5
c827a1bfbebec1f0d19f1b80be52bd01

SHA1
3df681d0188f889b0b555afd1d924e16faeb4a61

SHA256
42a3d751f3c27bdbba2bcc8212290a3fe516fbc71a6258339a56ec4daad2a8fc

SHA512
8425c586b77fe5c3d31ee7bfaa1685db9313742c18e9dae62dcafaf7e6a6c9b8e022e96aba4b369f30e32acf0e426c2010c4687344a7d590333ad576ff977fba

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
97KB

MD5
db4ff3f756b34d3881d6d4510e959ab0

SHA1
ee72008c5054b84ae48c16aa2a0188662097c400

SHA256
88ebc0af712cf3637a0367a96fb3742d1ea7359919d04d306cf6081ca5c60584

SHA512
2e87fcfee987c5f716537088e5395e748425589b31da30af2031f30121f02aca3bc9dd6d24aae23f5f3fe9f8dbaf3343bf1dc48bb44ba4be0c9ef39528357d05

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
97KB

MD5
bf3b21c32262296161dd0d5b1ee57ce4

SHA1
264635e64457fa5415c36262890e438954049813

SHA256
2e034cfc82ec0f2365189272dae0f493b064e6e1606d8f3f6da8149f42004598

SHA512
9a74cbeac387877cb55aaa787e5b204989a4679161325ddf94f149de049d252c9560b82b470907ac9e4bf669dd52fd96855a6b95ac0ee6773dbe797339b6a0be

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
97KB

MD5
52ff05d34e16579849a9314f34cc2c42

SHA1
48b56a59c550d1c7134f714c096ea3d707c840bc

SHA256
7653844ee9b5ac5e88a6fa7fa6cab4b614f7dac68c3c3a8354f5dad084396e85

SHA512
26b83dea2050217e4d50b75a5621d7b46580df441ca23a371d30e814adff47b4f62086e57c036fffb424fab804a5d13889952a88fa5443c940f828f5a72246b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
190KB

MD5
3f8b81c872bbddb2003cd67e84282a67

SHA1
3fa539692bd9e153c549dc47f3248687ce8e3c86

SHA256
280293d1773b43ed9a2a32f1cf777afed2c1602b743202d92e5e218de514b886

SHA512
97c0d8e62c4db84e66db063017b61cc817041458fe9ff92b57737e9d99221b4ff65b4501af037760c3ee45357bf49106f49ead4b4153df2ecc63c61e22a4d562

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
f50f89a0a91564d0b8a211f8921aa7de

SHA1
112403a17dd69d5b9018b8cede023cb3b54eab7d

SHA256
b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec

SHA512
bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

Filesize
86B

MD5
961e3604f228b0d10541ebf921500c86

SHA1
6e00570d9f78d9cfebe67d4da5efe546543949a7

SHA256
f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed

SHA512
535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit
C:\Users\Admin\AppData\Local\Temp\Cab584F.tmp

Filesize
61KB

MD5
f3441b8572aae8801c04f3060b550443

SHA1
4ef0a35436125d6821831ef36c28ffaf196cda15

SHA256
6720349e7d82ee0a8e73920d3c2b7cb2912d9fcf2edb6fd98f2f12820158b0bf

SHA512
5ba01ba421b50030e380ae6bbcd2f681f2a91947fe7fedb3c8e6b5f24dce9517abf57b1cf26cc6078d4bb53bde6fcfb2561591337c841f8f2cb121a3d71661b9

Download Submit
C:\Users\Admin\AppData\Local\Temp\MASH0001.TMP

Filesize
6KB

MD5
7eccc259af24ba7a5a0638562536068d

SHA1
acd3e0fc2e10dfb2e57efa608a60297efb32e54e

SHA256
2e682f6b72fe7f464da31c01cb4769c8fcf556957405740140394282d4fe0db7

SHA512
7fc719c7c0499efc6eff2594e1e46390a421db4ae6c36c5f8822cccca52cedf6be4d9282e49db246a9533fcb929a70cd4e7a25e09984f69db2c922f6c4ba6f8e

Download Submit
C:\Users\Admin\AppData\Local\Temp\Tar5862.tmp

Filesize
163KB

MD5
9441737383d21192400eca82fda910ec

SHA1
725e0d606a4fc9ba44aa8ffde65bed15e65367e4

SHA256
bc3a6e84e41faeb57e7c21aa3b60c2a64777107009727c5b7c0ed8fe658909e5

SHA512
7608dd653a66cd364392a78d4711b48d1707768d36996e4d38871c6843b5714e1d7da4b4cc6db969e6000cfa182bcb74216ef6823d1063f036fc5c3413fb8dcf

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmp60285.WMC\allservices.xml

Filesize
546B

MD5
df03e65b8e082f24dab09c57bc9c6241

SHA1
6b0dacbf38744c9a381830e6a5dc4c71bd7cedbf

SHA256
155b9c588061c71832af329fafa5678835d9153b8fbb7592195ae953d0c455ba

SHA512
ef1cc8d27fbc5da5daab854c933d3914b84ee539d4d2f0126dc1a04a830c5599e39a923c80257653638b1b99b0073a7174cc164be5887181730883c752ba2f99

Download Submit
C:\Users\Admin\AppData\Local\Temp\tmp61564.WMC\serviceinfo.xml

Filesize
523B

MD5
d58da90d6dc51f97cb84dfbffe2b2300

SHA1
5f86b06b992a3146cb698a99932ead57a5ec4666

SHA256
93acdb79543d9248ca3fca661f3ac287e6004e4b3dafd79d4c4070794ffbf2ad

SHA512
7f1e95e5aa4c8a0e4c967135c78f22f4505f2a48bbc619924d0096bf4a94d469389b9e8488c12edacfba819517b8376546687d1145660ad1f49d8c20a744e636

Download Submit
C:\Users\Admin\Downloads\1d7eefb0-513e-40de-8ed9-af6e4332684e.tmp

Filesize
333KB

MD5
d6d7608ce9c387dce4c58468bfdb5836

SHA1
f43df82100f7f0cc627e98a0d6fa51bbc27d37e5

SHA256
04c5ec0035c1ec13f5a7222e7cb01726d9b80382ff0f4acd55f388da7aa43666

SHA512
dacc6d0d99797dee1ae0cead0265f12dea23b7cab4762b7be465c7a3a5351e6f776c3d1dffdf174d0bd7afe2b1adecb81ada1ab251bc017966990ef232f8a083

Download Submit
C:\Users\Admin\Downloads\BonziKill.exe

Filesize
77.8MB

MD5
97893da3ea0e186290435246020bf018

SHA1
9a898f7e782cde4d1c98793a70faf363627a1596

SHA256
27dcecbb8e47c6f20f54466d4f14afade78c9518f614c6555fe64b9f37efb6fd

SHA512
ea54c3b9011e7ea3e024b88da20de7d282393455b504937e4a48e4a7f963d48391f9bd46cf31fb4ae3e63464f8d9467a48581217cf587fcee1d137e5edf6e9c8

Download Submit
C:\Users\Admin\Downloads\BonziKill.exe

Filesize
77.8MB

MD5
97893da3ea0e186290435246020bf018

SHA1
9a898f7e782cde4d1c98793a70faf363627a1596

SHA256
27dcecbb8e47c6f20f54466d4f14afade78c9518f614c6555fe64b9f37efb6fd

SHA512
ea54c3b9011e7ea3e024b88da20de7d282393455b504937e4a48e4a7f963d48391f9bd46cf31fb4ae3e63464f8d9467a48581217cf587fcee1d137e5edf6e9c8

Download Submit
C:\Users\Admin\Downloads\BonziKill.exe

Filesize
77.8MB

MD5
97893da3ea0e186290435246020bf018

SHA1
9a898f7e782cde4d1c98793a70faf363627a1596

SHA256
27dcecbb8e47c6f20f54466d4f14afade78c9518f614c6555fe64b9f37efb6fd

SHA512
ea54c3b9011e7ea3e024b88da20de7d282393455b504937e4a48e4a7f963d48391f9bd46cf31fb4ae3e63464f8d9467a48581217cf587fcee1d137e5edf6e9c8

Download Submit
C:\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
C:\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
C:\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
C:\bonzi\netscape\res\html\gopher-audio.gif

Filesize
163B

MD5
0c428f6883c912e150ce42c954b1bd36

SHA1
bcfcdc2946c6e8113083d57538de5713aa033e9a

SHA256
39c501d97b098136e6d3ef487ebc2a04b00b367af8bf04a16ce183064656dc2e

SHA512
d809489178b96dafd4a0c95edd56fac21625aabb2b7dc8260345eb96b9c3c7ecb1b18505746bed15581ebfa1265cf96c8aff3953dbc6d69d56b31fcf54db228c

Download Submit
C:\bonzi\netscape\res\table-remove-column-active.gif

Filesize
835B

MD5
cdeeb11aaefc565b7e2e6de6c5122adb

SHA1
67c0bbae8ac6dd12cb66621f3539fae6971d91e0

SHA256
1ba095a2abd0fd53efb16480111e199cb06cdc0f7205c73691ce83e302af1c03

SHA512
b123401eaf3d0407638c1e0f3a17d102987b769139d83f2af346d5f5c3a1f16a7aab17bd9c046583542d15fbdcf11d24206a4bdf62885bf87b2aca4ecacb77a9

Download Submit
C:\bonzi\netscape\res\table-remove-column-hover.gif

Filesize
841B

MD5
f6f8b831f31c8a4081e61403b258d944

SHA1
389daf6bcd0ba84a413dce4aff02ae9800eb1061

SHA256
f19d34969cef9b58e845f4f3630ec3df5a3cc054831f3880c1b68a34afa431d8

SHA512
01bb9b06927083d052b11a76ce147073bc25d7c95308d189dbc5598776f83ba26c22a260450f41c2d18e4c3ec86aa24719a90bdeae1417ebd4b1066b80c8fbab

Download Submit
C:\bonzi\netscape\res\table-remove-column.gif

Filesize
841B

MD5
90ef7ea72f363d421c608e37141f0e29

SHA1
891c963cb3c26628dcb18db5653eaca5275b0f9e

SHA256
dd6549e0c43acaa44bba371928f96cb02f71440149f6ae4d2e9ad4706cbe2231

SHA512
6a05229fd5e33ccab5b5e4f185395fb77447384c83b2d0ca5379106e3a06296a6e372acf8c3be7b7d1e8046d5b3002ec5c4c4c22ea186fdff828acd2aa5702d5

Download Submit
\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
\bonzi\BonziBuddy_original.exe

Filesize
126KB

MD5
ff8e3bef2b1c444e59d21d5291c81d96

SHA1
a838dc974a49dc0fad824cedcf794c8c9651d410

SHA256
50a65ffcb48cb6ba99ccf79d855696cfdfb28ff21d0f71666c8fae9dfedf878e

SHA512
b872737dd5f1f114785bf948fa8018aed228be99dafd07bf850bab1a4772564f59ed2cc60faedbf3eaf84f12908e1ed2bf07a526484edc6ded0692ce575e4927

Download Submit
memory/1148-829-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/1148-844-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/1148-831-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/1148-832-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/2224-1622-0x0000000002CC0000-0x0000000002D2F000-memory.dmp

Filesize
444KB

Download
memory/2224-2149-0x0000000002CD0000-0x0000000002D3F000-memory.dmp

Filesize
444KB

Download
memory/2224-1625-0x0000000002CD0000-0x0000000002D3F000-memory.dmp

Filesize
444KB

Download
memory/2224-1623-0x0000000002CD0000-0x0000000002D3F000-memory.dmp

Filesize
444KB

Download
memory/2224-2147-0x0000000002CD0000-0x0000000002D3F000-memory.dmp

Filesize
444KB

Download
memory/2224-2148-0x0000000002CD0000-0x0000000002D3F000-memory.dmp

Filesize
444KB

Download
memory/2308-826-0x0000000001000000-0x000000000106F000-memory.dmp

Filesize
444KB

Download
memory/2308-815-0x0000000001000000-0x000000000106F000-memory.dmp

Filesize
444KB

Download
memory/2308-825-0x0000000001000000-0x000000000106F000-memory.dmp

Filesize
444KB

Download
memory/2308-824-0x0000000001000000-0x000000000106F000-memory.dmp

Filesize
444KB

Download
memory/2308-827-0x0000000001000000-0x000000000106F000-memory.dmp

Filesize
444KB

Download
memory/2780-2154-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/2780-1627-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download
memory/2780-2371-0x0000000000400000-0x000000000046F000-memory.dmp

Filesize
444KB

Download