Malware Analysis Report

2024-11-16 15:52

Sample ID 240204-wc83aafee7
Target http://youareanidiot.org
Tags
google phishing
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file http://youareanidiot.org was found to be: Known bad.

Malicious Activity Summary

google phishing

Detected google phishing page

Enumerates physical storage devices

Program crash

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SetWindowsHookEx

Uses Task Scheduler COM API

Uses Volume Shadow Copy WMI provider

Uses Volume Shadow Copy service COM API

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Modifies Internet Explorer settings

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-04 17:47

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-04 17:47

Reported

2024-02-04 18:18

Platform

win7-20231215-en

Max time kernel

413s

Max time network

1657s

Command Line

"C:\Program Files\Internet Explorer\iexplore.exe" http://youareanidiot.org

Signatures

Detected google phishing page

phishing google

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\LastProcessed = 008ae96b9257da01 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff3d0000003d000000c3040000a2020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\CompatibilityFlags = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\DecayDateQueue = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a883829c536588438b4279b7bc6c193000000000020000000000106600000001000020000000238b2b74377625328ccbec679ca6c653528d8f849058391b42043780d8fbb111000000000e800000000200002000000085d8f6c3023d7b41620937193315ccf55c7d25ceca55e8038572df81379b76d72000000091034f24c39b087cdd3991b026ea25c2e67cc533fd87c79ad825015da681ac42400000008a1c59be09966a6818413f7049587d915844e6a281fb6b7b40b22f6c61128e52b13291be062c7b807a77a3a2ef5ef32963e65aedba81362de96c4e286a2a57c7 C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NTPFirstRun = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\MINIE\TabBandWidth = "500" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive\{9FEBC701-C385-11EE-A581-D2016227024C} = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\FullScreen = "no" C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\SearchScopes\DownloadRetries = "3" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DomainSuggestion C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\bing.com\NumberOfSubdomains = "1" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\InternetRegistry C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\GPU C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "0" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DOMStorage\bing.com C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\AdminActive C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000200000003000000ffffffffffffffffffffffffffffffff2400000024000000aa04000089020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage\MFV = 01000000d08c9ddf0115d1118c7a00c04fc297eb01000000a883829c536588438b4279b7bc6c19300000000002000000000010660000000100002000000003ff8f1bd89ac9cb4f2525b4eee31d68f4a6cdb1379b7ad93250519a9276992e000000000e80000000020000200000000273d0d3e5164ad41e1a21eff8eacfae11a4a011724c218f107a64690c5fb39790000000012f8cbf12e63d5b02bb0b277234ec2f104882774eeeb58006f0efb46e8f7597f95cd7242b0e19fcf2558b4a22adecb10bd202d247e9f1c0c5548b45d2d71fced067876c7c345b763fc1b4e8ed78d65da08c24cc17b0ebabb989c0c562fb0e29c798565becb474fca03329b5a632ef1c81b3e87e4e937ae06351380e8fec5c78e19b145768cb01ad5e64d63a72fbcf8740000000977aaf8ca1d591288ed49a596722746505497fa3a5a36651388ff6edabc7aad271e0512485dfad3cc5e0ef5cba3ad155f09b09afafb3f56841f4c3075a47677c C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\Window_Placement = 2c0000000000000001000000ffffffffffffffffffffffffffffffff5400000000000000da04000065020000 C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\DomainSuggestion\NextUpdateDate = "413230785" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\LowRegistry\DontShowMeThisDialogAgain C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IntelliForms\AskUser = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\SearchScopes C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IETld\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\PageSetup C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery\AdminActive = "1" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Zoom C:\Program Files\Internet Explorer\iexplore.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main\WindowsSearch\Version = "WS not running" C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Recovery\PendingRecovery C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\NewTabPage C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\Main C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\BrowserEmulation\LowMic C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\IntelliForms C:\Program Files\Internet Explorer\iexplore.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3308111660-3636268597-2291490419-1000\Software\Microsoft\Internet Explorer\MINIE C:\Program Files\Internet Explorer\iexplore.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Internet Explorer\iexplore.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2448 wrote to memory of 2904 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2448 wrote to memory of 2904 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2448 wrote to memory of 2904 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2448 wrote to memory of 2904 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2448 wrote to memory of 1828 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2448 wrote to memory of 1828 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2448 wrote to memory of 1828 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2448 wrote to memory of 1828 N/A C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
PID 2816 wrote to memory of 1784 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1784 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1784 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 2356 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2816 wrote to memory of 1028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe" http://youareanidiot.org

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2448 CREDAT:275457 /prefetch:2

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2448 CREDAT:472082 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5f59758,0x7fef5f59768,0x7fef5f59778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1144 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1588 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2304 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2312 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3224 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1124 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3272 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3544 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3512 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3468 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2336 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=1104 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3956 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1456 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3828 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4020 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2492 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3400 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4248 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2360 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2492 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4344 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=4352 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2744 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4176 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4424 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4564 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5116 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5336 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4864 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=5548 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5216 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4340 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4312 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=5160 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5432 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=3984 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5160 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\YouAreAnIdiot.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\YouAreAnIdiot.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 3516 -s 736

C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\YouAreAnIdiot.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\YouAreAnIdiot.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 3260 -s 736

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\Interop.ShockwaveFlashObjects.dll

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\Interop.ShockwaveFlashObjects.dll

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\AxInterop.ShockwaveFlashObjects.dll

C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\YouAreAnIdiot.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot.zip\YouAreAnIdiot.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 4020 -s 864

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=5412 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5280 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=4144 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=4188 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=5536 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5516 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=884 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=5940 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=3540 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=884 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=3348 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=1028 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=5516 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=4316 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=1728 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=4296 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=4308 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=2456 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=1188 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=5220 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=4252 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=4792 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=3968 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=4060 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=5012 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=2440 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=5928 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=2472 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=4264 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=1324 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4044 --field-trial-handle=1276,i,4678659799604625729,14704944034004945610,131072 /prefetch:8

C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot (1).zip\YouAreAnIdiot.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot (1).zip\YouAreAnIdiot.exe"

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot (1).zip\AxInterop.ShockwaveFlashObjects.dll

C:\Windows\system32\rundll32.exe

"C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\Temp1_Idiot (1).zip\Interop.ShockwaveFlashObjects.dll

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1780 -s 868

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef5f59758,0x7fef5f59768,0x7fef5f59778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1168 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1528 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1664 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2304 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2316 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1416 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3216 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3748 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4196 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=2252 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2088 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4100 --field-trial-handle=1328,i,8512886079831134239,6357871548267771776,131072 /prefetch:1

Network

Country Destination Domain Proto
US 8.8.8.8:53 youareanidiot.org udp
US 50.28.56.190:80 youareanidiot.org tcp
US 50.28.56.190:80 youareanidiot.org tcp
US 8.8.8.8:53 ww1.youareanidiot.org udp
DE 64.190.63.136:80 ww1.youareanidiot.org tcp
DE 64.190.63.136:80 ww1.youareanidiot.org tcp
US 8.8.8.8:53 parking.parklogic.com udp
US 8.8.8.8:53 www.google.com udp
US 67.225.218.50:80 parking.parklogic.com tcp
US 67.225.218.50:80 parking.parklogic.com tcp
GB 142.250.178.4:80 www.google.com tcp
GB 142.250.178.4:80 www.google.com tcp
US 8.8.8.8:53 img.sedoparking.com udp
US 205.234.175.175:80 img.sedoparking.com tcp
US 205.234.175.175:80 img.sedoparking.com tcp
US 8.8.8.8:53 partner.googleadservices.com udp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
GB 142.250.178.2:443 partner.googleadservices.com tcp
GB 142.250.178.2:443 partner.googleadservices.com tcp
GB 172.217.16.238:443 www.adsensecustomsearchads.com tcp
GB 172.217.16.238:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 api.bing.com udp
US 13.107.5.80:80 api.bing.com tcp
US 13.107.5.80:80 api.bing.com tcp
GB 92.123.128.157:80 www.bing.com tcp
GB 92.123.128.157:80 www.bing.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 www.microsoft.com udp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
US 8.8.8.8:53 youareanidiot.cc udp
US 172.67.143.125:443 youareanidiot.cc tcp
US 172.67.143.125:443 youareanidiot.cc tcp
US 172.67.143.125:443 youareanidiot.cc tcp
US 172.67.143.125:443 youareanidiot.cc tcp
US 172.67.143.125:443 youareanidiot.cc tcp
US 172.67.143.125:443 youareanidiot.cc tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 204.79.197.200:443 ieonline.microsoft.com tcp
US 8.8.8.8:53 r.bing.com udp
US 8.8.8.8:53 r.bing.com udp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.157:80 r.bing.com tcp
US 8.8.8.8:53 platform.bing.com udp
US 204.79.197.237:80 platform.bing.com tcp
US 204.79.197.237:80 platform.bing.com tcp
GB 92.123.128.157:80 r.bing.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
IE 40.126.31.67:443 login.microsoftonline.com tcp
IE 40.126.31.67:443 login.microsoftonline.com tcp
US 8.8.8.8:53 a4.bing.com udp
GB 23.48.165.156:80 a4.bing.com tcp
GB 23.48.165.156:80 a4.bing.com tcp
GB 23.48.165.156:80 a4.bing.com tcp
GB 23.48.165.156:80 a4.bing.com tcp
GB 23.48.165.156:80 a4.bing.com tcp
GB 23.48.165.156:80 a4.bing.com tcp
GB 92.123.128.157:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.157:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
GB 92.123.128.178:443 r.bing.com tcp
US 8.8.8.8:53 th.bing.com udp
US 8.8.8.8:53 th.bing.com udp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.157:80 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
GB 92.123.128.178:443 th.bing.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
GB 142.250.200.46:443 www.youtube.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 tools.google.com udp
GB 172.217.169.14:443 tools.google.com tcp
GB 172.217.169.14:443 tools.google.com tcp
US 8.8.8.8:53 www.microsoft.com udp
GB 173.222.13.219:443 www.microsoft.com tcp
GB 173.222.13.219:443 www.microsoft.com tcp
GB 173.222.13.219:443 www.microsoft.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.212.206:443 apis.google.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 consent.google.com udp
GB 216.58.212.206:443 apis.google.com udp
US 8.8.8.8:53 archive.org udp
US 207.241.224.2:443 archive.org tcp
US 207.241.224.2:443 archive.org tcp
US 8.8.8.8:53 polyfill.archive.org udp
US 207.241.239.242:443 polyfill.archive.org tcp
US 8.8.8.8:53 analytics.archive.org udp
US 8.8.8.8:53 esm.archive.org udp
US 207.241.225.195:443 analytics.archive.org tcp
US 207.241.239.242:443 esm.archive.org tcp
US 207.241.239.242:443 esm.archive.org tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 cors.archive.org udp
US 207.241.224.2:443 cors.archive.org tcp
US 207.241.224.2:443 cors.archive.org tcp
US 8.8.8.8:53 ia801708.us.archive.org udp
US 207.241.233.38:443 ia801708.us.archive.org tcp
US 207.241.233.38:443 ia801708.us.archive.org tcp
US 8.8.8.8:53 ia601708.us.archive.org udp
US 207.241.227.98:443 ia601708.us.archive.org tcp
US 8.8.8.8:53 ia801902.us.archive.org udp
US 207.241.228.102:443 ia801902.us.archive.org tcp
US 207.241.228.102:443 ia801902.us.archive.org tcp
US 8.8.8.8:53 ia601902.us.archive.org udp
US 207.241.227.42:443 ia601902.us.archive.org tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 google.com udp
GB 216.58.204.78:443 google.com tcp
GB 172.217.169.35:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 encrypted-vtbn0.gstatic.com udp
GB 216.58.212.238:443 encrypted-vtbn0.gstatic.com tcp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.200.46:443 www.youtube.com udp
US 8.8.8.8:53 rr3---sn-1gi7znes.googlevideo.com udp
US 8.8.8.8:53 i.ytimg.com udp
GB 216.58.212.246:443 i.ytimg.com tcp
GB 216.58.212.246:443 i.ytimg.com tcp
CH 173.194.160.72:443 rr3---sn-1gi7znes.googlevideo.com tcp
CH 173.194.160.72:443 rr3---sn-1gi7znes.googlevideo.com tcp
US 8.8.8.8:53 rr5---sn-1gi7znes.googlevideo.com udp
CH 173.194.160.74:443 rr5---sn-1gi7znes.googlevideo.com udp
US 8.8.8.8:53 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
NL 142.250.27.84:443 accounts.google.com udp
US 8.8.8.8:53 rr1---sn-q4flrnsl.googlevideo.com udp
US 173.194.57.70:443 rr1---sn-q4flrnsl.googlevideo.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com udp
GB 216.58.212.246:443 i.ytimg.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
GB 172.217.169.74:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 yt3.ggpht.com udp
GB 172.217.16.225:443 yt3.ggpht.com tcp
US 8.8.8.8:53 consent.youtube.com udp
GB 142.250.187.206:443 consent.youtube.com tcp
US 8.8.8.8:53 youtube.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 142.250.187.238:443 youtube.com tcp
CH 173.194.160.72:443 rr3---sn-1gi7znes.googlevideo.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.178.2:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 rr3---sn-5hneknee.googlevideo.com udp
NL 74.125.8.72:443 rr3---sn-5hneknee.googlevideo.com udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
GB 142.250.178.6:443 static.doubleclick.net tcp
GB 172.217.16.225:443 yt3.ggpht.com udp
GB 142.250.187.238:443 youtube.com tcp
GB 172.217.16.225:443 yt3.ggpht.com tcp
US 8.8.8.8:53 www.sendspace.com udp
US 172.67.170.105:443 www.sendspace.com tcp
US 172.67.170.105:443 www.sendspace.com udp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 adncdnend.azureedge.net udp
US 104.17.24.14:443 cdnjs.cloudflare.com tcp
US 8.8.8.8:53 apis.google.com udp
US 152.199.19.161:443 adncdnend.azureedge.net tcp
GB 216.58.212.206:443 apis.google.com udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.32.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 cat2.hbwrapper.com udp
US 8.8.8.8:53 cloudflare.com udp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 68.183.18.251:443 cat2.hbwrapper.com tcp
US 104.16.133.229:443 cloudflare.com tcp
US 8.8.8.8:53 bidder.criteo.com udp
US 8.8.8.8:53 prebid.adnxs.com udp
US 8.8.8.8:53 ib.adnxs.com udp
GB 142.250.179.226:443 securepubads.g.doubleclick.net tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
US 8.8.8.8:53 cat.hbwrapper.com udp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 8.8.8.8:53 prebid.a-mo.net udp
US 192.241.157.60:443 cat.hbwrapper.com tcp
US 8.8.8.8:53 hbopenbid.pubmatic.com udp
NL 145.40.97.67:443 prebid.a-mo.net tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
US 8.8.8.8:53 btlr.sharethrough.com udp
US 8.8.8.8:53 prebid.media.net udp
DE 3.66.48.129:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 ssc.33across.com udp
US 34.120.63.153:443 prebid.media.net tcp
US 34.149.20.76:443 ssc.33across.com tcp
US 8.8.8.8:53 udmserve.net udp
US 104.16.133.229:443 cloudflare.com tcp
US 68.71.249.118:443 udmserve.net tcp
US 8.8.8.8:53 apps.identrust.com udp
US 8.8.8.8:53 apps.identrust.com udp
GB 96.17.179.205:80 apps.identrust.com tcp
GB 96.17.179.184:80 apps.identrust.com tcp
GB 96.17.179.205:80 apps.identrust.com tcp
US 8.8.8.8:53 prebid.cootlogix.com udp
US 8.8.8.8:53 widgets.outbrain.com udp
US 104.238.132.18:443 prebid.cootlogix.com tcp
GB 23.44.233.82:443 widgets.outbrain.com tcp
NL 185.89.208.11:443 prebid.adnxs.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 74.125.206.154:443 stats.g.doubleclick.net tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 id5-sync.com udp
DE 162.19.138.120:443 id5-sync.com tcp
US 8.8.8.8:53 api.rlcdn.com udp
US 8.8.8.8:53 static.criteo.net udp
US 8.8.8.8:53 tcheck.outbrainimg.com udp
US 8.8.8.8:53 widget-pixels.outbrain.com udp
US 8.8.8.8:53 engine.spotscenered.info udp
NL 178.250.1.3:443 static.criteo.net tcp
US 104.18.97.60:443 engine.spotscenered.info tcp
GB 23.44.233.179:443 tcheck.outbrainimg.com tcp
US 34.120.133.55:443 api.rlcdn.com tcp
US 104.18.97.60:443 engine.spotscenered.info udp
US 8.8.8.8:53 ba1b293af81e61b52051bf210ae25d17.safeframe.googlesyndication.com udp
GB 216.58.213.1:443 ba1b293af81e61b52051bf210ae25d17.safeframe.googlesyndication.com tcp
US 216.239.32.36:443 region1.google-analytics.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 contextual.media.net udp
GB 23.44.232.189:443 acdn.adnxs.com tcp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 sync.cootlogix.com udp
GB 92.123.240.21:443 contextual.media.net tcp
US 8.8.8.8:53 ads.pubmatic.com udp
US 67.202.105.21:443 ssc-cms.33across.com tcp
US 159.65.230.163:443 sync.cootlogix.com tcp
GB 23.44.232.202:443 ads.pubmatic.com tcp
US 8.8.8.8:53 invstatic101.creativecdn.com udp
US 8.8.8.8:53 tags.crwdcntrl.net udp
US 8.8.8.8:53 lb.eu-1-id5-sync.com udp
US 34.96.70.87:443 invstatic101.creativecdn.com tcp
US 13.33.52.45:443 tags.crwdcntrl.net tcp
DE 141.95.33.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 esp.rtbhouse.com udp
US 35.190.39.111:443 esp.rtbhouse.com tcp
US 8.8.8.8:53 cdn.id5-sync.com udp
US 104.22.52.86:443 cdn.id5-sync.com tcp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 bcp.crwdcntrl.net udp
GB 216.58.204.78:443 www.youtube.com udp
IE 52.48.9.219:443 bcp.crwdcntrl.net tcp
US 8.8.8.8:53 cdn.prod.uidapi.com udp
US 8.8.8.8:53 check.analytics.rlcdn.com udp
GB 54.230.10.126:443 check.analytics.rlcdn.com tcp
GB 18.165.155.172:443 cdn.prod.uidapi.com tcp
GB 18.165.155.172:443 cdn.prod.uidapi.com tcp
GB 54.230.10.126:443 check.analytics.rlcdn.com tcp
NL 178.250.1.3:443 static.criteo.net tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
DE 162.19.138.120:443 lb.eu-1-id5-sync.com tcp
US 8.8.8.8:53 cdn-ima.33across.com udp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 172.64.152.89:443 cdn-ima.33across.com tcp
US 8.8.8.8:53 oa.openxcdn.net udp
US 34.102.146.192:443 oa.openxcdn.net tcp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 8.8.8.8:53 www.ovardu.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 172.67.174.4:443 www.ovardu.com tcp
US 172.67.174.4:443 www.ovardu.com tcp
US 8.8.8.8:53 oajs.openx.net udp
US 34.120.107.143:443 oajs.openx.net tcp
US 8.8.8.8:53 mv.outbrain.com udp
GB 151.101.62.132:443 mv.outbrain.com tcp
US 8.8.8.8:53 image6.pubmatic.com udp
US 8.8.8.8:53 enlisted.net udp
NL 198.47.127.19:443 image6.pubmatic.com tcp
US 104.22.42.210:443 enlisted.net tcp
NL 185.89.210.90:443 ib.adnxs.com tcp
US 8.8.8.8:53 google-bidout-d.openx.net udp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
US 35.244.159.8:443 google-bidout-d.openx.net tcp
GB 23.44.233.82:443 widget-pixels.outbrain.com tcp
US 8.8.8.8:53 mcdp-chidc2.outbrain.com udp
US 64.74.236.127:443 mcdp-chidc2.outbrain.com tcp
US 8.8.8.8:53 images.outbrainimg.com udp
GB 23.44.233.179:443 images.outbrainimg.com tcp
GB 216.58.212.227:80 www.gstatic.com tcp
GB 23.44.233.179:443 images.outbrainimg.com tcp
GB 23.44.233.82:443 widget-pixels.outbrain.com tcp
GB 23.44.233.82:443 widget-pixels.outbrain.com tcp
GB 23.44.233.82:443 widget-pixels.outbrain.com tcp
US 104.22.42.210:443 enlisted.net tcp
US 104.22.42.210:443 enlisted.net tcp
US 104.22.42.210:443 enlisted.net tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
NL 142.250.27.84:443 accounts.google.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 static.enlisted.net udp
GB 93.123.11.62:443 static.enlisted.net tcp
GB 93.123.11.62:443 static.enlisted.net tcp
GB 93.123.11.62:443 static.enlisted.net tcp
IE 63.35.126.133:8383 uep.gaijin.net tcp
IE 63.35.126.133:8383 uep.gaijin.net tcp
US 8.8.8.8:53 consent.cookiefirst.com udp
GB 143.244.38.136:443 consent.cookiefirst.com tcp
US 8.8.8.8:53 bat.bing.com udp
US 8.8.8.8:53 s.yimg.com udp
US 204.79.197.200:443 bat.bing.com tcp
GB 87.248.114.11:443 s.yimg.com tcp
BE 74.125.206.154:443 stats.g.doubleclick.net udp
GB 142.250.178.2:443 googleads.g.doubleclick.net udp
GB 143.244.38.136:443 consent.cookiefirst.com tcp
US 8.8.8.8:53 region1.analytics.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 8.8.8.8:53 edge.cookiefirst.com udp
GB 87.248.114.11:443 s.yimg.com tcp
RU 77.88.21.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 sp.analytics.yahoo.com udp
IE 212.82.100.181:443 sp.analytics.yahoo.com tcp
US 8.8.8.8:53 script.anura.io udp
GB 18.169.22.210:443 script.anura.io tcp
US 8.8.8.8:53 ads.anura.io udp
GB 3.162.20.55:443 ads.anura.io tcp
US 8.8.8.8:53 stun.anura.io udp
DE 18.158.229.59:443 stun.anura.io udp
GB 18.169.22.210:443 script.anura.io tcp
RU 87.250.250.119:443 mc.yandex.ru tcp
GB 93.123.11.62:443 static.enlisted.net tcp
US 104.22.42.210:443 enlisted.net tcp
GB 142.250.187.234:443 jnn-pa.googleapis.com udp
US 104.22.42.210:443 enlisted.net tcp
RU 87.250.250.119:443 mc.yandex.ru tcp
US 8.8.8.8:53 redirector.gvt1.com udp
GB 172.217.169.46:443 redirector.gvt1.com tcp
US 8.8.8.8:53 r3---sn-1gieen7e.gvt1.com udp
CH 74.125.173.168:443 r3---sn-1gieen7e.gvt1.com udp
US 104.22.42.210:443 enlisted.net tcp
US 104.22.42.210:443 enlisted.net tcp
US 104.22.42.210:443 enlisted.net tcp
US 104.22.42.210:443 enlisted.net tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.200.14:443 clients2.google.com tcp
RU 87.250.250.119:443 mc.yandex.ru tcp
US 216.239.32.36:443 region1.analytics.google.com udp
US 8.8.8.8:53 log.outbrainimg.com udp
US 50.31.142.31:443 log.outbrainimg.com tcp
US 50.31.142.31:443 log.outbrainimg.com tcp
US 50.31.142.31:443 log.outbrainimg.com tcp
US 8.8.8.8:53 eventlog.outbrain.com udp
US 50.31.142.223:443 eventlog.outbrain.com tcp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
BE 74.125.206.154:443 stats.g.doubleclick.net udp
US 8.8.8.8:53 fs12n4.sendspace.com udp
CA 69.31.136.53:443 fs12n4.sendspace.com tcp
CA 69.31.136.53:443 fs12n4.sendspace.com tcp
US 8.8.8.8:53 crt.sectigo.com udp
US 104.18.38.233:80 crt.sectigo.com tcp
NL 142.250.27.84:443 accounts.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 142.250.72.163:443 beacons2.gvt2.com tcp
US 142.250.72.163:443 beacons2.gvt2.com udp
US 216.239.32.36:443 region1.analytics.google.com udp
US 216.239.32.36:443 region1.analytics.google.com tcp
GB 172.217.169.35:443 beacons.gcp.gvt2.com udp
BE 74.125.206.154:443 stats.g.doubleclick.net udp
CA 69.31.136.53:443 fs12n4.sendspace.com tcp
CA 69.31.136.53:443 fs12n4.sendspace.com tcp
BE 74.125.206.154:443 stats.g.doubleclick.net tcp
US 172.67.170.105:443 www.sendspace.com udp
US 8.8.8.8:53 prebid.adnxs.com udp
US 8.8.8.8:53 ib.adnxs.com udp
US 192.241.157.60:443 cat.hbwrapper.com tcp
NL 178.250.1.8:443 bidder.criteo.com tcp
US 192.241.157.60:443 cat.hbwrapper.com tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 8.8.8.8:53 prebid.a-mo.net udp
GB 185.64.190.77:443 hbopenbid.pubmatic.com tcp
NL 185.89.208.11:443 prebid.adnxs.com tcp
US 8.8.8.8:53 hb-api.omnitagjs.com udp
US 8.8.8.8:53 btlr.sharethrough.com udp
NL 145.40.97.66:443 prebid.a-mo.net tcp
FR 185.255.84.150:443 hb-api.omnitagjs.com tcp
DE 52.29.22.58:443 btlr.sharethrough.com tcp
US 8.8.8.8:53 prebid.media.net udp
US 34.120.63.153:443 prebid.media.net udp
US 34.149.20.76:443 ssc.33across.com udp
US 68.71.249.118:443 udmserve.net tcp
US 8.8.8.8:53 prebid.cootlogix.com udp
US 206.189.233.111:443 prebid.cootlogix.com tcp
US 8.8.8.8:53 mv.outbrain.com udp
US 206.189.233.111:443 prebid.cootlogix.com tcp
GB 146.75.74.132:443 mv.outbrain.com tcp
GB 142.250.179.226:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 2bb789a34ed13a42f1afcb0f0777c564.safeframe.googlesyndication.com udp
GB 216.58.213.1:443 2bb789a34ed13a42f1afcb0f0777c564.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 widgets.outbrain.com udp
GB 96.16.109.182:443 widgets.outbrain.com tcp
US 64.74.236.127:443 mcdp-chidc2.outbrain.com tcp
US 8.8.8.8:53 images.outbrainimg.com udp
GB 95.100.245.166:443 images.outbrainimg.com tcp
US 8.8.8.8:53 www.google.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
GB 142.250.178.4:443 www.google.com udp
US 50.31.142.31:443 log.outbrainimg.com tcp
US 8.8.8.8:53 ads.pubmatic.com udp
NL 145.40.97.66:443 prebid.a-mo.net tcp
NL 185.89.210.141:443 ib.adnxs.com tcp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 ssc-cms.33across.com udp
US 8.8.8.8:53 contextual.media.net udp
US 8.8.8.8:53 sync.cootlogix.com udp
US 8.8.8.8:53 image6.pubmatic.com udp
US 151.101.1.108:443 acdn.adnxs.com tcp
GB 173.222.12.26:443 contextual.media.net udp
US 67.202.105.23:443 ssc-cms.33across.com tcp
US 68.183.118.170:443 sync.cootlogix.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
NL 198.47.127.19:443 image6.pubmatic.com tcp
GB 96.16.109.9:443 ads.pubmatic.com tcp
US 8.8.8.8:53 fs12n1.sendspace.com udp
CA 69.31.136.53:443 fs12n1.sendspace.com tcp
CA 69.31.136.53:443 fs12n1.sendspace.com tcp
US 50.31.142.31:443 log.outbrainimg.com tcp
US 50.31.142.31:443 log.outbrainimg.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 id.google.com udp
GB 142.250.179.227:443 id.google.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
GB 142.250.187.206:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.187.206:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.187.206:443 encrypted-tbn0.gstatic.com tcp
GB 142.250.179.227:443 id.google.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com udp
GB 172.217.169.65:443 tpc.googlesyndication.com tcp
GB 142.250.187.206:443 encrypted-tbn0.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn3.gstatic.com udp
US 8.8.8.8:53 encrypted-tbn2.gstatic.com udp
GB 142.250.187.238:443 encrypted-tbn2.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.200.14:443 encrypted-tbn3.gstatic.com tcp
GB 142.250.187.206:443 encrypted-tbn0.gstatic.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 i.ytimg.com udp
GB 172.217.169.22:443 i.ytimg.com udp
GB 172.217.169.22:443 i.ytimg.com tcp
US 8.8.8.8:53 freebitco.in udp
US 172.66.42.243:443 freebitco.in tcp
US 172.66.42.243:443 freebitco.in tcp
US 8.8.8.8:53 crypto-news.webpkgcache.com udp
GB 172.217.16.225:443 crypto-news.webpkgcache.com tcp
GB 172.217.16.225:443 crypto-news.webpkgcache.com udp
US 8.8.8.8:53 pki.goog udp
US 216.239.32.29:80 pki.goog tcp
US 172.66.42.243:443 freebitco.in tcp
US 172.66.42.243:443 freebitco.in tcp
US 172.66.42.243:443 freebitco.in udp
US 8.8.8.8:53 static1.freebitco.in udp
US 8.8.8.8:53 sirv.freebitco.in udp
US 172.66.41.13:443 sirv.freebitco.in tcp
US 172.66.41.13:443 sirv.freebitco.in tcp
US 172.66.41.13:443 sirv.freebitco.in tcp
US 172.66.41.13:443 sirv.freebitco.in tcp
US 8.8.8.8:53 captchas.freebitco.in udp
US 8.8.8.8:53 pushpad.xyz udp
US 172.66.42.243:443 captchas.freebitco.in tcp
US 8.8.8.8:53 hcaptcha.com udp
US 172.66.41.13:443 captchas.freebitco.in tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 cdn.jsdelivr.net udp
US 104.19.219.90:443 hcaptcha.com tcp
US 8.8.8.8:53 cdnjs.cloudflare.com udp
US 172.67.73.76:443 pushpad.xyz tcp
US 8.8.8.8:53 ajax.cloudflare.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 104.17.73.14:443 ajax.cloudflare.com tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 104.17.25.14:443 cdnjs.cloudflare.com udp
US 151.101.1.229:443 cdn.jsdelivr.net tcp
US 172.66.42.243:443 captchas.freebitco.in tcp
US 104.19.219.90:443 hcaptcha.com tcp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 104.19.219.90:443 newassets.hcaptcha.com tcp
US 104.19.219.90:443 newassets.hcaptcha.com tcp
US 172.67.73.76:443 pushpad.xyz tcp
GB 216.58.201.106:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 track.freebitco.in udp
DE 3.64.244.172:443 track.freebitco.in tcp
GB 216.58.201.106:443 content-autofill.googleapis.com tcp
CH 172.217.168.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
GB 172.217.169.67:443 beacons3.gvt2.com tcp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons3.gvt2.com udp
US 172.66.41.13:443 captchas.freebitco.in tcp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com udp
US 104.19.219.90:443 newassets.hcaptcha.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 104.19.219.90:443 newassets.hcaptcha.com tcp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 stats.g.doubleclick.net udp
BE 74.125.206.157:443 stats.g.doubleclick.net udp
US 172.67.73.76:443 pushpad.xyz tcp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 kit.fontawesome.com udp
US 8.8.8.8:53 static6.freebitco.in udp
GB 216.58.201.106:443 ajax.googleapis.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 172.64.147.188:443 kit.fontawesome.com tcp
US 172.66.41.13:443 static6.freebitco.in tcp
US 172.66.41.13:443 static6.freebitco.in tcp
US 172.66.41.13:443 static6.freebitco.in tcp
US 172.66.41.13:443 static6.freebitco.in tcp
US 172.66.41.13:443 static6.freebitco.in tcp
DE 3.64.244.172:443 track.freebitco.in tcp
US 8.8.8.8:53 static.hotjar.com udp
GB 216.58.201.106:443 ajax.googleapis.com udp
US 13.33.52.93:443 static.hotjar.com tcp
GB 216.58.201.106:443 ajax.googleapis.com tcp
US 8.8.8.8:53 script.hotjar.com udp
GB 54.230.10.124:443 script.hotjar.com tcp
GB 142.250.178.4:443 www.google.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com udp
CH 172.217.168.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 e2c54.gcp.gvt2.com udp
US 35.219.153.27:443 e2c54.gcp.gvt2.com tcp
US 8.8.8.8:53 udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFHPCFFP\sedo_logo[1].png

MD5 def00c11b1596db4efee6a9fbe64fc27
SHA1 bd298981e6d8d7e4ffa18abcf687041f4246672d
SHA256 95c427fa3143b1896faf42a6406686ce7602cb39052081bb32d12b51c9e047e4
SHA512 c056e95dbfa1aab3a50dff18c6d577dbffea72c93316ffc53b6b7aa41dcc7707a810d563894589a7305de0b76610f88150b2034670de368773b2b356f14ad30f

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 6cc6b06fab40f9658193d6cb5e523991
SHA1 8bb9187e36101cccee168a59fc4a0a81a75ccee6
SHA256 96c226bfda3ddaf56c1ddd6a2ce13c99857da5da5cc69a81eb05703d3d5d8f8e
SHA512 466b7868b3e042c735f4f6a9342c8a1c48ce76926220429165f73a38019f35c227c190816fc25dc5c09870575ff3e510286e516af9a4aadb2d3c0db5788b708a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9636656e0542f75d7f3028b1b3d88eb9
SHA1 a5da593c6c1e6d6c474ec05bcfbdd987fbfffdac
SHA256 87f9b1712f6c80cb82413c2148b3b5f22b54ecf2d02f175ebcee1db51fa46a84
SHA512 6d2ae1d267652a6de487adbde503220bd42de122169950d52264abed369c02a29285c6a5cfd5c9087b14f57d5396070973d8fcdc04803a48bc4d9b216e074048

C:\Users\Admin\AppData\Local\Temp\Tar6174.tmp

MD5 9c0c641c06238516f27941aa1166d427
SHA1 64cd549fb8cf014fcd9312aa7a5b023847b6c977
SHA256 4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f
SHA512 936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

C:\Users\Admin\AppData\Local\Temp\Cab6163.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ca53c5408e83fadf0b9979e850483765
SHA1 eb37e56a203582ec4951c914c8a524d6ea93b122
SHA256 e0188b104b744ca495c9f09cc859faa1b3dd511d06d0f79438df023a01096630
SHA512 f61079b1eda43eabd87fa003fd8f305a35dd1793f04f380b916cf55a4fbeddef6874f862df6b525ab5644ad969abc5a911d62e3144cd127ebfb07323956bad44

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 21dcb55a5a227a058470cbe80bbd72ed
SHA1 8431e5c7881f7186e6b29e66a2e1db8d8d78db34
SHA256 f3e744f8466a541aec7d33d8039fc95e862afd3d6ae03b8798c78a529c233c46
SHA512 97abee77402ef7229d186af0f31bff65fee6f916488b474e8290b6ff6c38a4ce4717b5450756d2f9e7f4eb5d885f11bce3523db8c015f247c238f29df98cf7ab

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6bcc1732cac27b398bf69fbe3fa634c4
SHA1 98cfdfc7702d924859dd800a0e3a4a8740e5bbc3
SHA256 46e108a07b37ae423b1065072a940ca76e8cebcf3949e310db4478ef792cad10
SHA512 c31b5f897d783fae41df6e2323cc2eb9509601948daddded87a21beba8ef858034c48894819f73aca7143d276d2aa0892098a9d16e9fcaf1be94484b0e5f61c8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 61295e55762de90eb4837b70ba11f888
SHA1 adc92bc7780eb5d48712f276a62979600872f101
SHA256 506c92bb9724d49271350b813c4d91c658647709b5e45b257e4c41db73b9aef1
SHA512 8a54095f16dd97c93dd71793bee218646ed8dd761ec1cff8c67650620802f33723eb748468c796aa9be0396e7717192c087f3c62ac64184a95094593d8aa25a4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f99b1c58eb58cd7d32892cad0f7bedeb
SHA1 26cc1960489c0782b20dbd6889d1558e5218d3cf
SHA256 80af51dc6b41808cc118c68bcc80c1b73406be1434d69b7c023d130b04a5018e
SHA512 7f5aa843bd7e8b5a42655baba97c7a67a2056682ce2f69247841d72dbe11db3ac57c86ff8e6ce7f839b99e8c9753995ba0d28dc36b7898a0d2adea7bbc694a75

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 69fb2f4f501dc0100402074f42f8c315
SHA1 c5592e6147ca777e52599829206cfda9538b5899
SHA256 2d3ae2b1190d9f1e5a594d1e5c2424690d07c5e28c32cb1e5410f6441373349e
SHA512 30c933b9f1d73ab1f196d978d61685689c3d59c73ad687202288d7897dc614660ba97109ab27f5fc5c24014a40d2acde3a97357f3e13c8f6bc9ec95cf14c185a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2c65631f79e0ee3e9617ff1f72b88589
SHA1 e37905018a670dc27ced3c720f12214d22fcb88a
SHA256 3c9026af2df536a9388461493209d24419639bf5ab57758627090b865ebe286a
SHA512 89708b57d22253ba46befe52255ab3b809cbde771c7db615ac14cf15a3dd593880badbb68e62bfa9f7eec8beb4d7a8372a64955a4e0fac6124e58017e2255e33

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 535ef9f3214331529fd094f09e2a6f77
SHA1 81757344f400a742500f2509ef223e2265dfd330
SHA256 98e48c66e949c6cc5b4833e21a752f4d4b386ed7e1de5a021a8b74efd176a297
SHA512 16d8ae957f13b72c1e6c6386ecf306ad2bff3613f1eca5311e8d205c89832e6e05a8a6addb1731faf9759831810d8d91c3c7c10f83011b5dafd4bc5839592369

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 17b04783ce11ac1a8ba2114d5d456905
SHA1 a931556dc3784396b371861e1b683d1b5ff6c38f
SHA256 262122735dc86ca70b263dfe62fdccb04f066f9178616e0ca7f6cacc0069ab7f
SHA512 2ea0a84d9a21ed2d0e2fc9c7ed868347fbc410f81b947b9cb914793c1f309ccde8ac5903ebe1b3d9e054aec67f3525f1bfe40c750253005df7f3c6a273f5cc29

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ea8b7545342e02aae215d38b0af2b00f
SHA1 e5f36fe38cc13894ec8f6b988a6b54883920c826
SHA256 b4011f35279aac53247b6b06e8f2b98dcfddea4772a902c00fd78b5625c53628
SHA512 7c9219dd7ff9e4c582a3ec3c27de082a97e3c1214b37738def42af61f5ad3d5a6b46297dccb14c182c1417a690516f6d758f2d97bd937d5c2b00629f5ea6f57b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4ae793048ed2f7d04c7d013fc7d4921f
SHA1 a1e4a485996c1f0e2d501f9b4e1a22af88d48872
SHA256 d885bf3e80524be646379c9ac247dab5c71ac8bec2d92ec77027c32e7741a2b4
SHA512 2e3f07cca133a1d23077950da99177ecdf6384b5939820e6975a228e3acbdc737588eee6e93be383266e08b4b4d23ee5585806b3d83ec61d99cd3c56f8087d02

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\qsml[1].xml

MD5 93f47117e20a9e802a36d1e1645cae3e
SHA1 aec8cdcc6d8bba0cb29f36325655a044bc913605
SHA256 d9aa172e8dd6988804b4a4f6bc7026bd59f9118227b76133874751e066da98f2
SHA512 ea04ddfb0dbe7866f62fb22b7327f40f6fe8ba0fc304677853f0e1f9f969ddf73b95ecc9f47784941a4494d1177fdb327d4bd3cc3d792ac25aca4cf6cd393450

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\87800CQL.txt

MD5 15f856968314b701799f7e4d79caafcf
SHA1 f6078bd162784d61bb5fca255914a42deaba51c8
SHA256 144e226d60a1814f3d358193aa4cc862a033be871d55697aae77d35f847a3553
SHA512 7c3074692f86c77930736cebc0749f1001708ea0fb632cf9b4969f12c3b6a095a8b18670cb9658859d3aa1ac2425eb41dc390f9935c091b8c9de7b6877ff062d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\qsml[3].xml

MD5 510fd81a4fbdbe5b8a8e462a5352b0a0
SHA1 8e4388191e00466a17262fb1c63e200fd3eef9d7
SHA256 dee64cf133c99a443cd25fcb5cd0e0d045c14021fe701f6a704d5a81a5893c23
SHA512 c915d0ec3d2de6713547e69e67ed82b3244f0894814533ff4f32b479d0fd4b7d8d94b7a0b16c5e84faff9d0b72072b87d112fa4448ef98fa687b6499ef37c53c

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\qsml[4].xml

MD5 905786ff3b711107a092ed70450b7a53
SHA1 b7cc720a86acb4a4785640c938b8908bbe03794d
SHA256 604797bf421cf8d31c3c69589cd02217f45b6909da112ccbab63ad89af2d45c9
SHA512 fe5fb67834f1ab011315d7acbb75c94bbf91f9b3924bd0867422c371c48e86edca30cc593a5244dd84df5926278a1b5dcb138ccf01b90942a5ace1982618a26b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\qsml[5].xml

MD5 a4aabb3e7540271a1f8f255be11f7c7d
SHA1 4797e7ae3a20e7055e9122a44b459fb9dcda0fa9
SHA256 93372332846a25e6cf7d464dc89318c38a797c2a78910de55f33e4f0790ba334
SHA512 e662d9ae91047c4363c5c2f75a4dc782cdb9dd86a5dfa2057c1af4a9d1cff1c01526af7b42e916d2dc53d2b6a3b2b4e159d80ce8f89f7c008695bab4216ed9a0

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\favicon-trans-bg-blue-mg[1].ico

MD5 30967b1b52cb6df18a8af8fcc04f83c9
SHA1 aaf67cd84fcd64fb2d8974d7135d6f1e4fc03588
SHA256 439b6089e45ef1e0c37ef88764d5c99a3b2752609c4e2af3376480d7ffcfaf2e
SHA512 7cb3c09a81fbd301741e7cf5296c406baf1c76685d354c54457c87f6471867390a1aeed9f95701eb9361d7dfacce31afd1d240841037fc1de4a120c66c1b088c

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 edf50f8788f67f9e44205f67e88e8a27
SHA1 aeeb2aa2e66571f2bf3240ba993fb31599afb243
SHA256 437e59b3516b12d2e54c56b81fe4ca8fbf2e8efb7e2bfeee3ccf20ef50cb425a
SHA512 93ba4e1a447e40ca56fb66e69a85532a023fa00747924d8bacd5cb27a94dba6978a6b4b25db1bffc608134b67e14a90c4fa6381ca9c662c5f97f09a4001fa34b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 30c40080af7fd5166c357ac142127dd0
SHA1 943f20c2a4ca3f6d5228726361bd257a9d3d7006
SHA256 acd5117f5d38dcfa7ea54efff7de38cf5b3d9b9355309795a5a73657f5b6e70d
SHA512 a2d931b5e08d96c1a83034c6c8731911553ee56519a6fd561f7da097f80f6c6bb77835eb29dd4827f8f883ed21f113a1d8f55a395f83b9341ee76484e7a0bbfd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 31010f094c637cbe55157a7e975df665
SHA1 9e19432a30f6a2ee4ad04ca4070208f0b5fff6d4
SHA256 2abbad0308c55a176670a7909a7182b1eae8e764f2898ba43cc0137a0c975c01
SHA512 3a8778245f5d2fd58a4cc361304377759194a12035237efc59e3c63a9130f4e69bcd572bbd01f4b2eabaf721d77f878b209acec092f3e4826403735b1112a7e3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 7e8af6d74082a52d8acd981b4e06e150
SHA1 c5a3dc1ef4e9149f4c48354d43ac60ef3eb6c700
SHA256 012304a59fc69e24d02a22d157271cf084eb63502e2d60185201a665a35a2006
SHA512 2d35f5f744f793566212f60d2f4b211ebf942e85fdcc5a2dd57cc68ea4fd4d4cb03b91bc5991fe381e0735912488f17dbfe1398587539305638cde7c4ec9dcbc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F0ACCF77CDCBFF39F6191887F6D2D357

MD5 a266bb7dcc38a562631361bbf61dd11b
SHA1 3b1efd3a66ea28b16697394703a72ca340a05bd5
SHA256 df545bf919a2439c36983b54cdfc903dfa4f37d3996d8d84b4c31eec6f3c163e
SHA512 0da8ef4f8f6ed3d16d2bc8eb816b9e6e1345dfe2d91160196c47e6149a1d6aedaafadcefd66acdea7f72dcf0832770192ceac15b0c559c4ccc2c0e5581d5aefc

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5b5ea66fe3c16a149f46fdbb5e4f31f5
SHA1 379d8b09f198f6d05523f4303cb0eff7e7a474e8
SHA256 32107d6e41566dda73a2f57287eef1f3590c2b11ab1d9c3412dbc0369ae4f6ad
SHA512 60eaf8e826012011fc835cfc9122a3d7d785b96e22212169d196ff0c02f43a8e7e60dcccdb0092452300cb6c4036c0ed8f6368756b8793c285df4d015b23aa49

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 db3b0aeec198eb2a48455fe53e57fb29
SHA1 830d2570c0270b3930e7565b5ec6baf14c32b4f7
SHA256 afa4a2561a46fe4960fdee04f95246f65ba96167ebd97a974a6c64505079a621
SHA512 e5e900a358a26894f53f69721619754eef7b4d9f87ddb355dce12a53499288ead9682e17897293e8212ac22aea881a3c058a53e0052216f04203f9519f816e1a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\6B2043001D270792DFFD725518EAFE2C

MD5 f55da450a5fb287e1e0f0dcc965756ca
SHA1 7e04de896a3e666d00e687d33ffad93be83d349e
SHA256 31ad6648f8104138c738f39ea4320133393e3a18cc02296ef97c2ac9ef6731d0
SHA512 19bd9a319dfdaad7c13a6b085e51c67c0f9cb1eb4babc4c2b5cdf921c13002ca324e62dfa05f344e340d0d100aa4d6fac0683552162ccc7c0321a8d146da0630

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 749b75f5b5b6bf4b2271373bd1f07711
SHA1 f096d3a160eb48578c4f008bac05f2b3fdea7d3e
SHA256 d9b27664d901909b37f9b6730ea5ba91df409067cccea9b9b7a0c40d983a6d87
SHA512 d94d2fd4f39c11a28fa4497e6301a027541b90e5e520937aaf4e1a6a3fd1ee2bb535b0edfab6b7c8f8748487c7ef8ed130759336c72e7dd09ff1415bb59b7680

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 47ff269374d535cb178746b116ba4093
SHA1 a2681cb5b96e027347aa1a8ada90452543d29fb4
SHA256 dd55371f5ac0dddc45a59f9f5f7ffc7a89037320f14c580bb05ed76d965bf438
SHA512 5a623e6eef57126bb203a74ee22b013b5c93bfd6be41be77b645614bad56a5223a609bfc53c17ad2df2ca0d972368ab5f6514dc60d45d69f2f32f5e3474d6370

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d2c8294d755ccca365d783d56c6ef220
SHA1 cd8e3b276574a666ed79f9336cb49c11281ca99b
SHA256 896452f1bc97d198a3dfdd69e253b8c480024f4fda68f224bc37fac58c02101a
SHA512 2dce70c55ebcddd3effab4224c98d02f7c6f5f9fba71b0bb5feae223db895e495f241bdddb57afebedd421ea1d39ae75d40f7ec78f2a18ff6d1a755af1c52f77

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\6B2043001D270792DFFD725518EAFE2C

MD5 1c7dea9934f668d920981627805368ea
SHA1 08f77fc8480029c22b2e98b82e3fc370b298cd9f
SHA256 189df36da485023335070cbd1cb5120cc7cfe7d6b003066f1d5cc511c53b9048
SHA512 2ce52e46bf8afe16ea23c97b2e3f4241f2d83165965362163ea9e89ba9420484ef598ce2f1059bde1e9fa76d254410b982743a9d53baf8397972b0a74334959a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3ac07367aa9581e63611955037586883
SHA1 6ceb4e857d6820b4040d0af44e994f64bab4e25a
SHA256 ce7abc0a6dd39832156daa0dd737f3d7f80570c4ecf1c1bab2d5087e9c8c7317
SHA512 ea6e5db4396689e2837c0b6b766a8d5d872cdab75b4e3f0f166e3892d0bd152787a647d55c95e5343099cb5cf5b6f6587c56e1f2cd78b4666c3ee79126a66499

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f1e6f93435fc8a205e5125d71741ccf8
SHA1 e8e3dc640ee3d6e9a203cb27167713e89f80d3b7
SHA256 1adce5298337f13cb28cdbd9b6fb9972e0ec36cbb5dbe9d8437f8c6ec595fa19
SHA512 c277a5f6b8a4cd939b6e8e873c646f60f294addf4d6494cde119124233f5f06d4576a7d50bfb4a97ab9f945759fb07f0a67c7b802cc0814458218a6f983eb446

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 75e1fb0497d2310cd83e712a5809859c
SHA1 df4aecc463a402d3b18de46064785a96546387a5
SHA256 00bcba89bdf8d3023333de941104867bc00c64921da18d226625b4281f307253
SHA512 5f7e441b0dffd739032b0ea2229bac654054aa4ad5a80744df52e41497efe051587264545e45b70896c1371e9ddfbdddc3825b16a930fdcc96f08279874eb746

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c29778a2fb90d3f82133729fc3158837
SHA1 7adc98fa4b88614fdbb07ae09db13d7d28b8b72a
SHA256 a52b0c3f07ad01261c9d7a5b6ad6ddfcefb025634b7a96ef863215856a0e5e77
SHA512 a965a1ae208ad25038ca69c74b2cb471ef6f17e9374ac8c42b4e99c99bb5d3e99a5112c296fec56b4b8576e6a78eb905ff373a8ae0211a906082f5f3986d17c0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cba81c09a39e3c83cac8775349c65349
SHA1 84848dd10aac7f5cb3d153dd50178eb0ca48b1b6
SHA256 aa639ee5a1c2770c4dd26584510b9f948f5f616b2bab585d1e3fc827bb96e5a3
SHA512 ce877d93f14bd7e5497007ef0e4b46efcb4ccfeda66dc9ca7ddba1ed0969a385add497603b4b143e424d1b788e6db4f4f53a1d9e33747ec222f09a1dab7f3f8f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f94d7cfed14b0d843ebbf866075d6334
SHA1 4f6d470642554ec2b7d2551a2739858f0d9efb11
SHA256 d2467c29715764638e3029eb5d4eb5a527871cba6a772f7a29fc38dd193ee909
SHA512 6cd42c83ab4529288bda5c898dee474bbc2097b80de2360fd9037e623091df543aab70ffff4ba4b0d34cd33ca38baa08a6ff33562fb3411b1147625031d1a624

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2879b21b40037d3bf3e45beac0a35879
SHA1 2e91f6a8d899b651f5bc0909e73ae19e715e913e
SHA256 e081ab17a4db0ec064c7230cee63f3d573037b6dd6b2c307987a14236f579941
SHA512 523433d30516e8b55daa1a679ac9d411dc07f7b9e7baee5f9670d55cc1aea890d601932c1b2907ddf70ae40de25bdf3c1c1ceb1b9bc78aa3d2213ca246726e97

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 44f96e71f4a532c98ad08bfe452296ba
SHA1 15fc6aa7178f2507653d522cd1e231bcacf99555
SHA256 1a4e31c3207fc4d68b62be53e9bda2013766a8b916778ba995b98ff854a0e6d5
SHA512 b64d78cb7b5379024832b838b26a1fe9a8c75d05e90116eaf2db02dd4f50d5b961d527c27711a76993bd0f1a5b254066af457180dddb28d9409e0f22710a859d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7451d42de0447b7f7da3734be1d54bc0
SHA1 0cd70994d51ca3514c5242cee4ef1c8ccb88d752
SHA256 e1fa4c8ed3a79623e039dd3678fbc6557cbe202ff97beccd08f4d33132d2f337
SHA512 865fd582924ebb20ed78dee03b5c54496cc12f671f7b384278f49060ddaad57237b4ae130adfbe7c92404a65a6cf6771b1b22cea0eba5766e5f50e3c5231238a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fdbdce0b0b516b1c9866562cbe8cb635
SHA1 0731d08438c2b4f7e4c3b57530925195bba86773
SHA256 e1c85bd74d6247b06a030f08ceea5835409b829a38e3a86643f7881725cc1054
SHA512 bf11bf5ec4bb3954560a9d7f13496d17df9f299cde5dc34f5534c68dd43cda51a7766b4eba1d68fb0e7ac78c4fc43d9f5e05f8809df4328f78b3bdf67827e60c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 55847105899490c5d7ec6839dd6bb5cb
SHA1 dd07f55b328cc71af838099685c93b40ff2441a9
SHA256 95aaed97d757db9562f7cf81fd8d8109c66f5d9da230ae2bb60bd2ce882ceab9
SHA512 9dc8a378dd90ecabc782fd8e1f2ffbda054f43304fe640d256c8309ff183f509ca19535c5610943e3eaddd68032c4f319b72ecf56c2fdedba1a2b2025759444b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 990031c7ed3960862633736d1be04a44
SHA1 ac0c98f90f23e4847fab4fc8664e5ebc6234e3c6
SHA256 671ed722cb71927aa5e2cb9dc273d6cc57073362ae37040b13010532005a2069
SHA512 135604d9a89dbf0a3d9da3e4aa302b69733e86b941e9ef760351d792cd9e9d8ed2efa292e2a606ba91fae8270718edb898ca589ddd50149d2f5be06b14a6c448

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 999440809d2cfecaf1b9918aeee8c072
SHA1 cdda99852789b4ebd539bdc7bac74c8b18f195b3
SHA256 feda9bda8e3cd3934365b0d1d3341693c149bfde87ab5c446fd0bd67cfeed86b
SHA512 5f2c99960031e2df77b740fa7db768eb23a73529d25239a8df3e4d7154a0e5181c55b69dcb898de4254a8792750afd2e79e5e7cc1a1030a5a41ad7cecd789adb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c9b8ee983d2c1043401dc850694d912f
SHA1 e24f55e87cf46ce73e7928351e5d16b40375c1e8
SHA256 1a90eec309c4c6d141adf457bdd15fa72f6aec97cd8e48408e74566f8d3a47b3
SHA512 b29ea58bc324d52870b15c58450ea559533d5c12ce95743940c5d73369c76e17f42c9a33d8848200aad94b015ddb2230268d2b5bb672e32cd07394be792704ac

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 31c94388664a52b7e79d25e57f74af90
SHA1 e22db2cf75d168a857dd1f3d274999eaa70bc297
SHA256 2b1b47a6a11352eb27eae926f03f4ba90aa5f537f77a27649cdb668caff178aa
SHA512 722558a60a2deea0892a02dd446c1a791c513be9ae6da91db632aacd201fb2b8832c07de4295130f9a84980300f8682ba8dbe6adcb865518362ac6ea651b3257

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 55321faeec1b74012dfc19e8d424bbd5
SHA1 10c4f859c14a0d260b88703ac93ed793377478d5
SHA256 0e538aa9016420f6aec8820dba8c8dec6c5c431a9505d3f537a981182ef557b6
SHA512 c955c3d8c3c96dd7afa67bfc60455bc2413e19f32711425af8c777dd2dfaceea465644ab9233188e867a7c471aa11c5cc5a12d2a9cdfb7514c9b33d703f4e3a9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6c68aeca4cf6030631f37f9fe3bec738
SHA1 43fee8b1e821862a12e1f21ef7ffcd5f900c3e5b
SHA256 156e7773c491fa3a2ae62e6c2b9b7f6307f034f5f0313f779397df63a45f00eb
SHA512 b7979d09389c625aacc6db21482057fe104f7405b9f49f9553e1e6e41d2350a2ba2e4971ac15d90bb9ba9b38c73d7ff7f3dea5365a8d5671afe41c33ec1e14be

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9d869ad16a15377f7f83714401569e59
SHA1 36c9eea06e7beb3dd144d94f61dd3a4ae10f0a55
SHA256 4ce8a38e72796c90f06ad1bf4b2692a912ac82acf47b33691805e9d2a7a976a9
SHA512 cb70b2946fb3ea097d7266a3e1a7128dc4a38d6eced7e7a4cdbc6d468a395b3a1d7e2348b69524a737f962d6190052fae786f935553039121481c1d4f35a3e3f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3206e9f209a3afa54c03a1de85808df0
SHA1 bc8e1aa70582faadf93c95ee511ab8d5580788c5
SHA256 216eb00b7dcf8ba3504a9eb15c92be1d955e383868193c2801a5bab4e2c5006e
SHA512 7b2cc818ded8caef7f9ccff58b60d017c1109b55c1a8e637ed7a46b2dce0e0aed47cc1ad73f50c1d30b09e446c4f8b5b4cf73837ea4d4f7a1e0235c26311393f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 3d6a45e16b3946e5f747f51cb2a16b38
SHA1 b379f3704ca26dd622208e7515d9172dd9d578b1
SHA256 2712728fadfc303be17a2a3ba5b83e27c8fbd2905a5380cf549c10cc2c84d45c
SHA512 547cbe414909b85901cb08f0d64fc3b814f8360f96cd939afdea8106b33939721893d1965fcbeb27e786bb26849651501d8c7297a31f3c1cea0eb4bd09e72ff9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\24BD96D5497F70B3F510A6B53CD43F3E_3A89246FB90C5EE6620004F1AE0EB0EA

MD5 198e2ea8bea5727b97d64fd928792899
SHA1 3ae95c52c0f279e2c9e6e66d1c678723a4f147a2
SHA256 617a240f806a74696b0df740bf24383b13be802395b6516c8a15a1f9f86570b0
SHA512 dbc34a54796b22ea71b7ffc7f2698f7ccda08a90eb039cc9ec1d5ec960175e943ae7ed98eb50195a229de615c7de6966bf2492b6bc289a530ed1bb2f62e74bfd

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ab9ee22c02fef9969dcb2e39692bb049
SHA1 0709374bbee0f96f43929b3b49ec944eb290258b
SHA256 f152ab8e1ec58902986ff50a2c381bec6750b351c2d2a2adf377ae15a8cdc839
SHA512 9c6ec1c02c687e49d134b58ed8f2e068220d973511bb97b9388698c4914ef8b924ee83c266ed3c2fd3a86b486016e557c0de8ed45b438f7fdc6f7b7f26a4ce3a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\favicon[1].ico

MD5 0b6dcf9c1429088c7f079d7cc291bb66
SHA1 d23f9a17c55011a829c1365bcba999b27c4115f4
SHA256 4b0358b16230208179720a09d205b99a3e9764e63815b09e9f1716a02fccadcb
SHA512 50b3d19252cf4601c93108639c0c82cd578c1869aeedbb327a7f917c7c9142ebe893347c9a065ad8dbd61b0edcb160b5169b7272c2f3a3f807649b007461ab74

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 03d5b9455954d97de08e9cf5b1d1190f
SHA1 3d3e693f66d5bcff737cfab8913fd2c7e202afc7
SHA256 e074a6fbba0f05de137a43f40b5ecef9de7e631bd609e758e14fd1008f28d34c
SHA512 43ad79b3a6e074db7b98f72997b5d02208db6857e088655bf0da528b9ee0a442bc24e4dc9c7cce4d1952aa8d0bb6fbf2d97cf899be6bd0891e215378317a5583

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\youare[2].mp3

MD5 9901c48297a339c554e405b4fefe7407
SHA1 5182e80bd6d4bb6bb1b7f0752849fe09e4aa330e
SHA256 9a5974509d9692162d491cf45136f072c54ddc650b201336818c76a9f257d4d2
SHA512 b68ef68c4dcc31716ce25d486617f6ef929ddbb8f7030dd4838320e2803dd6dd1c83966b3484d2986b19f3bd866484c5a432f4f6533bb3e72f5c7457a9bb9742

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 95258cb023fa08d26877d805546b9eb5
SHA1 a1fcfb441b505a1bd322d7251db6bca167fd81be
SHA256 d505b23af6c0813fbb7b28b1d7113d889a448b836f9dbdc8132c586e4410d27e
SHA512 ecddf6b4c5c9f1265f84f2631152e40280f15327c393046e82532305f60183d209b7e269a401e6de4af397c0d603128eda4fe7406e15af2ad50619837371e92d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3f6122c047e37fe250bb4572b82bc638
SHA1 4ce7aa3471ef5dd3f2022e9ac9de67e5d5b88a95
SHA256 7bcf52bd3c414b40cd2b7b900be602e2cda8efdcba41ef33515440483115a9ca
SHA512 8258513ff1a1a6c8098195e0a3ea40e78ff762dbaf82df9ae88fbc21324ddd8ffb35d9f71379919279ea00c3f879176e92eeb830a48ae0f17d5a890dd4a4fb80

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ee28615bc06b73af1576b46c7a4d44cf
SHA1 149e914fa93e1c69513ce1196e0715cc74955cef
SHA256 f6bf48c6fcd9a117fb9dad026a5f5e96530296f785c9a3f1282996847b67a12a
SHA512 1ca88b1d40e29ba0e5d3ba4ff527c0c7fd979253bd2e38fbe1a72d69fdf4eefbe43052711977bc5775d81366a38ce980390199bba4a9e8bca0bbfa7df4ffc2a0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 aae3a8e7ccc4a8fbb9d42607b70597b2
SHA1 ec47b7fc6632989bf28ed856ad177c7c7be88809
SHA256 64d9e48861877097cff28ab46b8898591f74ac21109edb167d15a2d613b3ae10
SHA512 19b63998e37781c8dea74fc4ec69ef0a14592a303d1ec897526c2e35144a30131d757d9b944e0af970d51f3c49e5c7f47fc2b1da0ac1bb7cfbe112c4e6ad2e2d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8d469a5a98b96834ed1e09a7337ce9c3
SHA1 628e18904a3a5b059eaca6539bdd1274bb28fd88
SHA256 2381fc43d0ca0bf47977bf521e666780ec36a250278c55c2f652823c14c93efd
SHA512 9ae5485a55b301aa18b9760c1d6adcd0d0fecd433b3a4ddd91ced83d1f9413659c7e6249d860d888762fba337c78c5f7a88782691ed22c45a8a5c0a581edca1a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cbd069131d68c996b2b69a7f7d61522c
SHA1 ab658435fb4e078d43002ff88178b74becc014fe
SHA256 4f1f2f4b80efe23ddeae7b1cb5dd343e0cd369b86674cf34fcb9fac72e0f13ce
SHA512 54227c6105123302ae1c6c3f52eae77630ebbe261b9648b3b4b20dbe1d606dcfcdfc4470333976025fde39f4ca322784740a71393e3f65336eb8dc38b0f26814

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 e4a68ac854ac5242460afd72481b2a44
SHA1 df3c24f9bfd666761b268073fe06d1cc8d4f82a4
SHA256 cb3ccbb76031e5e0138f8dd39a23f9de47ffc35e43c1144cea27d46a5ab1cb5f
SHA512 5622207e1ba285f172756f6019af92ac808ed63286e24dfecc1e79873fb5d140f1ceb7133f2476e89a5f75f711f9813a9fbb8fd5287f64adfdcc53b864f9bdc5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 041c6a69e044374169eb86aedaf5aa2f
SHA1 bfc0e1da8b42110ac84d8c8e73f66bf69bca659b
SHA256 78ee73ba9d6610a4647eb94cae2b70c76eabb52ba592d43b9554c887c66dc95e
SHA512 687c548bd6a0a1f247308420646309f9ea683122e62df634af8866d1ff3326d97d82dd5e0968591ce9b03b082184270dc37bc2e5d2e63ddf79070c80934ddbdf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d02289d44932006a263c078465e8ba86
SHA1 9dc109992c663f407e9b043cc581af3419211ba7
SHA256 2ea441e9cc7a6b5de4af0f24605ad5587285675d1418d577a5de00872bdfbf48
SHA512 41d8710545c6f8059a81bb9fe863b3da8ae856576462778faf638c7bcb12b7e33cea568b2a69d1c2e9e06a7dd6355d0a8bba136012ab0d2d8a0ae9582c4463a0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8aeb89c572a7d907c1431e567a8adc96
SHA1 f6c7b415b4c84f679eb7308d02cce76fadc523a8
SHA256 397211ebb5af553277a1ec67febfa3831121c1fc2e20943a71d5f25e6e3486a2
SHA512 b1f2e7b79d632d8eeeeef49a7b6c691838e466ae0cb194f3bec8e85d69818daa286d7d6dd1657570388d1b9f357e67f51aff4da9868313721ee14fc8bb9838ee

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\3C428B1A3E5F57D887EC4B864FAC5DCC

MD5 aa25374597c1f0f2c0b5bacc6eb02f7f
SHA1 63900fbaaa6f99f889a29baad56bdf613514ea35
SHA256 04ed628251dabde89fec940fdc80c7386953e3f3a46ea70ed857d2d7cfdf55cb
SHA512 a548dd60c9d9d683fcdf228da488b401b79c0375468ab0cb7c5423842f390fc7d9bf2b3fac7577978373afaa6e38cf3163222748934df5f97d8b27b6dde47131

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b75befd73ed2ab439ab0c9a828b220a5
SHA1 4aa1407a71cb90f94df49b5d8cc326ad51dc9c4b
SHA256 db2d96ad9d3347065ec91f63d6352f933dbcb7602d4248ae4ee204c8311a5cce
SHA512 d27f1f7af17a45cd139730509748e5d54a319b0779d64330b1e5a8f069ad72bdb2913cc84c9d48dcdff1e228fa7df45899b843504532d7bdc3f5730a8c0711ab

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\QIMI340U.txt

MD5 7777e04c55afcad646cea166af16a368
SHA1 acaf085b3f1dba83e8b3a91123ca7fc3d6640b50
SHA256 9931c445c3c56b72e40744fdc126fa9214b37e6881a6f135196a2ddae937e925
SHA512 176bdc8296776c21b81572e4248fde4bc37258731d1311b6129e388b145eb062d2222f54c2473a99d7729b2fcb0f94545eb4670e843de7b9a9f48b2a64c81029

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\WJ5Zr3KXGmLOfRuanmzz65HPIU8.gz[1].js

MD5 09964116a876dacdb4e4a92a44a1a2c6
SHA1 f411874372672002dccca49013012e92fafddb7b
SHA256 521063381dda828e51930bec523a2d9f442aed51ddf3292446acac94daae65d0
SHA512 c89e7aa94c1d8ad33c7ae62e6f3ea0e0cdf8bacf228b33e03b731e74d7f8e04a960d7e44bd430c26bbf6740a3ac5cb1feb622ad2059cac76d492e22d21f78a8f

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\favicon-trans-bg-blue-mg-png[1].png

MD5 c7a1030c2b55d7d8a514b120dd855cc0
SHA1 d07abbcf44b932732e4c0b0bf31e4283ae0f4b5b
SHA256 7c5bb9ca2fa67fe7851d145305e17a8370c4aec9d09f54e0920d32f6148f12fa
SHA512 1b51972a1ae1be2e85b9b125d7e2443c1b47abbbba9492d4ad52bdf0f9cf82513eca3ce436f9beedb7463a6f7b39ddd87245daf790226255a2b0d478dc380b81

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\DQQTu0f9ldw9QQHZ9i-TAYjSeD0.gz[1].js

MD5 30280c218d3caaf6b04ec8c6f906e190
SHA1 653d368efdd498caf65677e1d54f03dd18b026b5
SHA256 d313c6fff97701cc24db9d84c8b0643ca7a82a01c0868517e6e543779985c46e
SHA512 1f329898fa0e68f65095b813ca20351acfeaa5f74db886508fd4f1fa85811a8cc683c6fab9d9f094f596c8957219f8e29a6307ea0b2d470bdc809a4b9c9d34dc

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 0e0d57b51f6c11c5e68fb82b25e95f7a
SHA1 8c2b0aa066539eae0a5c4b140839c001bebfb9e3
SHA256 27488fa5a86045467eee9287e2b14b6c99d8af02fce567f409ec9eb673c0e1ff
SHA512 a08e7da55f1452efb1c698f8ed6dcee9a80ce9349840c60d63d01710cc51e2823c9c108edea65bbcdabcf0c96efd1b442af1aba79b27b81741c5ed6a8b7727d0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ff8c2b71165c02f29562d77c44cd7060
SHA1 2a2380c3bce4771b2fbf1a81e70f438c8c5368ac
SHA256 1882609a2404def4d363e41b1bd5ef090760897e00a90c4752f6ddc6f2167169
SHA512 21ad79aa161fca7764630748c6c840e37868ab0d29ba170690d2fa12f03669bab7e10b1945a7d954be383ee2dcc1ef3b5d016b6d09344884fd75f491c44d1b79

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e83e95ddae030fbb51dca3d3df054ca8
SHA1 700035426eca7ed314eaf32e39168f59de9c5d7a
SHA256 6e1aecad7107d491433fe38ccb86300ba45b99d72f064c0c7391241ccddd3b84
SHA512 58521e451f76e8ed9b22a7f623786516f79fddc7fd1aca9820a26f4ecc19e7dc62ec16c8048e0b93e1894a27e152f074fd0374e728855a10b14dcfb8c215a5bf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 265ddf11c0d91dee1bbb6c2b41a17d54
SHA1 e20a4f9f49ebfb0fefbc826ef458e48610b223b4
SHA256 b5e0aa8727c46945ed893776982105539e3b888529f25bf75b6af2f85b2531ed
SHA512 7b9d25a09594e54c7ba547f080bb15e61142ab320081d88fdc79da9b400537a0377a621826c648286a083547c94e3741b1cd8e1ce554a64558cdd6f329584a4f

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\3IC30Q2F.txt

MD5 c327f13824de018bbe7d57964a9cfc59
SHA1 ae4ba574b3b74dab7072f44fc6b91af42802b236
SHA256 e8616a8c71c5b20c284f5dd30424bb125901fc88cc41c577cb93b62c6134a0df
SHA512 cd5e7b5c794a0862647cab16d071680413cb755bc8762d0c15d6d4bb8a1ee8534ecf45909023532615f6f66a85392f3df56bd8c0cc7b52d298ad0585e2d026fa

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\PgVOrYqTvqK49IEnVEVlZVYfA1U.gz[1].js

MD5 f5712e664873fde8ee9044f693cd2db7
SHA1 2a30817f3b99e3be735f4f85bb66dd5edf6a89f4
SHA256 1562669ad323019cda49a6cf3bddece1672282e7275f9d963031b30ea845ffb2
SHA512 ca0eb961e52d37caa75f0f22012c045876a8b1a69db583fe3232ea6a7787a85beabc282f104c9fd236da9a500ba15fdf7bd83c1639bfd73ef8eb6a910b75290d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\kzHfYwAwahpHm-ZU7kDOHkFbADU.gz[1].js

MD5 fabb77c7ae3fd2271f5909155fb490e5
SHA1 cde0b1304b558b6de7503d559c92014644736f88
SHA256 e482bf4baaa167335f326b9b4f4b83e806cc21fb428b988a4932c806d918771c
SHA512 cabb38f7961ab11449a6e895657d39c947d422f0b3e1da976494c53203e0e91adfc514b6100e632939c4335c119165d2330512caa7d836a6c863087775edaa9f

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\5g-N9K-X1ykUl3QHEadPjpOM0Tc.gz[1].js

MD5 f4da106e481b3e221792289864c2d02a
SHA1 d8ba5c1615a4a8ed8ee93c5c8e2ea0fb490a0994
SHA256 47cb84d180c1d6ba7578c379bdc396102043b31233544e25a5a6f738bb425ac9
SHA512 66518ee1b6c0df613074e500a393e973844529ca81437c4bafe6bf111cba4d697af4fe36b8d1b2aa9b25f3eb93cd76df63abfc3269ac7e9f87c5f28a3764008e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\71Q8G3ZO.txt

MD5 5b6e6409c5ddad9bc92dc497af32ddfd
SHA1 0b74f3ddb3a4be1abeabd33ebdce14e2cacea5ea
SHA256 1bc10b3ce23533f6a3fbcc7b3375652eff385a6e2d2443165b6affd342177e91
SHA512 91583c5f56deaddc5f2e8303a8b2ecadedd863adb411b80ff896ed4f763f3be9ee8a313d6c14571fedabde2398f0c6df83ab15884574edefb53153f1cc3ca514

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\GK9SuRKiu0QbKYnVgoAlgmuWrNU.gz[1].js

MD5 17cdab99027114dbcbd9d573c5b7a8a9
SHA1 42d65caae34eba7a051342b24972665e61fa6ae2
SHA256 5ff6b0f0620aa14559d5d869dbeb96febc4014051fa7d5df20223b10b35312de
SHA512 1fe83b7ec455840a8ddb4eedbbcd017f4b6183772a9643d40117a96d5fff70e8083e424d64deba209e0ef2e54368acd58e16e47a6810d6595e1d89d90bca149a

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\pXVzgohStRjQefcwyp3z6bhIArA.gz[1].js

MD5 47442e8d5838baaa640a856f98e40dc6
SHA1 54c60cad77926723975b92d09fe79d7beff58d99
SHA256 15ed1579bccf1571a7d8b888226e9fe455aca5628684419d1a18f7cda68af89e
SHA512 87c849283248baf779faab7bde1077a39274da88bea3a6f8e1513cb8dcd24a8c465bf431aee9d655b4e4802e62564d020f0bb1271fb331074d2ec62fc8d08f63

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\BmRJAuTc8UgOeXgJh_NIObAa5HE.gz[1].js

MD5 55ec2297c0cf262c5fa9332f97c1b77a
SHA1 92640e3d0a7cbe5d47bc8f0f7cc9362e82489d23
SHA256 342c3dd52a8a456f53093671d8d91f7af5b3299d72d60edb28e4f506368c6467
SHA512 d070b9c415298a0f25234d1d7eafb8bae0d709590d3c806fceaec6631fda37dffca40f785c86c4655aa075522e804b79a7843c647f1e98d97cce599336dd9d59

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFHPCFFP\cJksCHwhB_Z32I0ytWPMUDsybak.gz[1].js

MD5 a5363c37b617d36dfd6d25bfb89ca56b
SHA1 31682afce628850b8cb31faa8e9c4c5ec9ebb957
SHA256 8b4d85985e62c264c03c88b31e68dbabdcc9bd42f40032a43800902261ff373f
SHA512 e70f996b09e9fa94ba32f83b7aa348dc3a912146f21f9f7a7b5deea0f68cf81723ab4fedf1ba12b46aa4591758339f752a4eba11539beb16e0e34ad7ec946763

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFHPCFFP\ihC7RhTVhw2ULO_1rMUWydIu_rA.gz[1].js

MD5 cb027ba6eb6dd3f033c02183b9423995
SHA1 368e7121931587d29d988e1b8cb0fda785e5d18b
SHA256 04a007926a68bb33e36202eb27f53882af7fd009c1ec3ad7177fba380a5fb96f
SHA512 6a575205c83b1fc3bfac164828fbdb3a25ead355a6071b7d443c0f8ab5796fe2601c48946c2e4c9915e08ad14106b4a01d2fcd534d50ea51c4bc88879d8bec8d

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\yjXVFOxf6UdoTA2BOwEH6n4ClfI.gz[1].js

MD5 a969230a51dba5ab5adf5877bcc28cfa
SHA1 7c4cdc6b86ca3b8a51ba585594ea1ab7b78b8265
SHA256 8e572950cbda0558f7b9563ce4f5017e06bc9c262cf487e33927a948f8d78f7f
SHA512 f45b08818a54c5fd54712c28eb2ac3417eea971c653049108e8809d078f6dd0560c873ceb09c8816ecd08112a007c13d850e2791f62c01d68518b3c3d0accceb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 27875833bfca972737d73c49d06644ee
SHA1 f00038bd9e2993d365b708d548f925024035d231
SHA256 a5ea316f99ee912dade048bccd2fdd8bea08d2c2ed21a2236fbb59842ef5b483
SHA512 0c67671d57646178d2dc9a2663c874b3eb8ae95ff85ebce1532598f2b0673a9536cba98315c474cc3bab9b04e9f209ee4b21991f66f68dc1f7d63eef7d5d0f20

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 92c7ed408ea838867c25b25720d0a569
SHA1 c35aef8029410163f08aaa5f98d78ecb821dcdfb
SHA256 ddcc521c225f47c9f8feaa35271470a648d7253b5da5ec32d664d41e00abaf68
SHA512 5390b889fcf2fa7e6d771e33e08658bda1eff19d1a953ea8562c9db03b68f11a564685dc7813b12b49260277243148e3cda3bf5b380ecbd5a462564545dbea5e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\4UDW6QOY.txt

MD5 057e119ad489d10c2ac611fe06affb37
SHA1 eebdc9ffa50a8b11470f1cde40ba6a5cd1d693a1
SHA256 89b3bc1826c86d2b994fa2764dbdd67850a661bb86d03b788cf555d48f6696b9
SHA512 b3510e320f699f357f53d9eff454754b9ae42ae011ccef0ed3ff30adeff1cf2147ff72a0458dd9828cc126153c6b2ff452db63da1f149640dd5df06976f94292

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8bb3bd7a9311185796d4c5f8d76ef510
SHA1 a01d3cc713999fa614940f57fc5cb89b82787360
SHA256 88508d83590e37b4e6b1f4f7dd063cf34acccd3a5ae665b89077062a2fd6e9a9
SHA512 90f3e7c07b7c5446a5a01d71c38bc370b6f3a6ecfe85d2974bd8c95de6260b2a6a35c7df936b0f423f5aec07b2937d7b5e1c24d31df3c97bd816fe431dfb3c7d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1b6e58bb89f7edd8393f6122384f010a
SHA1 eb1c5bdf582ec6e8dcf97d211f35833ad33ba23a
SHA256 c1f2150737f6e5d8060c47d3bfac8ad9b652e6a82cf6c1fd952340446748ac2c
SHA512 11b4897c9940971da30c69dcd7a396aa397439e075e49eb9ccf376df8559c3ed7b53bdf2027557bf34fe01bd6bd949d8b15ed84368645aa965ee101043553e3c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f979e45e08fa0352a024fd24fa9549ec
SHA1 4010d9981452e90937016e7a0595caefdaa87686
SHA256 e0a52d7219f47c597ba18a0f46b455790e49323d97da381e46466374236bfac8
SHA512 a72a84cd2a74463658319721ebcea1c1d239d9fe2ca59471c2b7dda23de044a3521e723ae58bd353ead133577e1315660ec92e75e3f9f2e4cb082bc05b438526

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c915266dc691d8b9d3635c6f4fb9a5a9
SHA1 e84ab21e4e777cf70a270e10aae676769e2b37c2
SHA256 ee2bd48f0c34e9367d7fbd20d830e83d80e24af1dceb6afc1e8c455b2eda3762
SHA512 da901237dfdf988a74c1411c4f5ca23a11d16cb25565198c82853907325b6a22a75015b4919c2937e50872f3790096ee2cf34be32852e94447d4bb57e6a5e4b8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2cedd2b0a72992df03a95a61ff4340c0
SHA1 8376f1680a9fcc3c89985e3df7a05bb44e677bf9
SHA256 c9d19990b1326ee431d0f95a19bef3771348cf422758c830a8e1064181f97ae1
SHA512 caecddb9c1ae4dc3ed8aa7132bb454a48155584972c3795ad7f83f2477cd49802c1bc1005b74e791b41ca78baaedd18c5f2930efbb9674a64fbb66d7540df9ca

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d1c64c74e0529eb33edafc756ad46a87
SHA1 83aba105cf0b2771d29a32db6ccf6591de5c9cf7
SHA256 c635adc61a74e14fab988ffa987afd3043366dda2e04b8f1a70143b07981258e
SHA512 623027aac33f568855760c47ba11d0833cfa395e0397882812f94750ea28bf4d1043480635d94c1c3c8de6561536ce7edf0a62071b66c2f47fbb4229a9424592

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c7ff56a2593ca2a76f7a75c4c567c1fd
SHA1 c09340c4ed1f01f371789a1dd4bca758109556a7
SHA256 b093f8de73c7d413e99698108284cb4eafd247e6607b418deb0e7ef6fadcf582
SHA512 93fc1f80fc34732e841812d905a90e547505e5bf3f477e418623e668e694bc1b093acf8104357e862fd7d9cf6aeeeca03da97ab56e596c19c3b1fa15dc225a57

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9ef6bb6b8c47b04cc6ab3d6f1dfe1dc5
SHA1 546f8831c94eccf9f28f6ee5aae493982021bbe1
SHA256 aa6f89ea595a487e092287f89be42093bf0875a4c3ae13eadba4769124ecc739
SHA512 4a258f9a8aa0a4536b14816403fa587b2debf51966da38c684146121986981ded1d6e6e573126a45fdd51ec3e15df215a4253a1216794c4b17fa40c726f61423

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\ETER062D.txt

MD5 65d4018456781c3023066b34e76f9d74
SHA1 1b79d1b38c6edfffb16c5671924268e82e86bd37
SHA256 dab998d2c63e2d1174f69bbc72dae7de11c04565eae73c91b08902bd06e85350
SHA512 38d41a689fd7b1af935eac93ee56326030a7294f5c8283110cd33bb69f6c36fd3aa8c13ec91507932e88db0d80bfc9dc816524dfbef971bb316afa50e8a4394d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ac58fe2ecec29e5173e532de310507b0
SHA1 1066c0d3a6214c1171e350832993a4bc5863497f
SHA256 bb1de7c5d7937d059f46237ea8795834cbc2288266265592aaf9bb48bab258c4
SHA512 e439bf8c90f4df71fe29bb489eb8e2cef4017a17cff1e6029712e6a76f2d3e8e8dfd39c65f4ca5f248ab080edc492dd12d30be31af86656cad8230e50f486456

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 42a6d9a1a332a68cf910e4514f4cc49c
SHA1 22aac75ee5b85e105225f5bceb0db6265471df2f
SHA256 0320a95d9543dc4cb1e261a8cb42d1ca916354ec13a68311636a0112785fb82f
SHA512 2898fd874fec6241bca5281ffa6cffdb660f240e807b1453b16593e94e1136af15f25f721ea5e47037f3a7ecb08be6db0376b934c485b71fa5847500e3e6ffc1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3f898b83cd066e045a72aa25b4c584f5
SHA1 1ae92f92744fb1dced30790549e3248689767bab
SHA256 f33b3fd1d913d0ac4533d04a7f4606e9bdc595e3d0956bde7c0e2cb682eac376
SHA512 be35c22262684acbca43409c73715e2891a059045d3179755f8717d3bfeef3027924ef3e668c3b08b69e34d5f194ee8af1ac859ce11e602706a05a12c590d3b3

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3a074c7024a7957a38b53ea0f0ea50b3
SHA1 862c8515ee2a6798303cbe0a303cb730c833c38a
SHA256 0b2c11a72254b26b3e49b2083febcb19a31bd5d15dc2057abed2abbf6c0dfcc1
SHA512 bafbd31ee2991692c586593b2f59be2b28a0723f94ee2acb4679cc1e1374909eef2d66bad09c8b036568a85aad478f1209d48fea09bd7aa63fd1653f1871e6d8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e55fa2058f4bf088b7e6c6da72a7af27
SHA1 88b4aecfdfb83b88bd9d6814e498fddc20340970
SHA256 bd684f75dd24175633051dae3f089e7784d78f3b49d3537d626715647cdd8eb4
SHA512 5da7a3c71277bf1b48599f2b1c0f8901b4d9024cbb15f34f22e2c1854de10a468d05bd0b61998211ea8b1514ab8a9175967697a5c520e137dbb12d5068a76ccf

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ffbffb3af0c56cbd031f95ebdabc22e1
SHA1 d1f9554460b5413a80dbddb2974c436829c527fe
SHA256 0027c61bf2ed8b690b17c80538dedb9c017c84fe64e72f05068d9f26d3a72010
SHA512 daf28789bc304c4643e5fcafe3e211c7ee837bc6a8a8e7b6ae9110e4329e041755dfe22e6e9e6df87bd09fd9f9345e7673e269ca68e8d3727bb1083059c51505

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 39cfe928134b481ca125040e003f9d92
SHA1 a691ead8ba63f02d3fbe7d0dd59bdd356cf03c12
SHA256 30ea99118b89745f98a762f51a533f4b41850024ecb61aba1e5b0f577d2dc669
SHA512 4785861d00fd95bcf19060c2325bf6bd5e35dbb0a52c76b1a7f2931381188ba004e04dc8dc08239910ce1d5beadf5d7db05b2fe0b7621d819f67eed0d022b3f1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fec22b0c5a1097e97419816b902387e2
SHA1 bb9d508527766a2e1cbd7ef9820cf3b3d166b824
SHA256 f0921e17b3faab0dd4f029fd22d17ff7c26b50bfe0a384a6035d04b09f260dca
SHA512 243f4a62833843956e84636e523749900e6b1254a6d7b3cc32f9722d274383c042f1ff87c6e5dc20256f91d0e8114d206c33c403766229b70643cf390d5d31e0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 3844392fff5e91209e82d4eaf98cdb60
SHA1 6ac3b5652514b25b2757692589dde3fbcd49d8fd
SHA256 4986272adadec97736e1388dfde2e49fa18f8317a44c7006c504c3d67e78bf09
SHA512 84398ee4de118ba0e9110c6de6e48eaf0561460033b05902e8367d60c17aa7441819fee1489cfa35df6cf12f3b00b5fa74ea6d16d3fd54f01b95cd446874de57

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 956deed833990bc71aec776bfb3e9a92
SHA1 1d95d9498882af65e1c8860a9623a51fcc4d7a75
SHA256 d976b57d61cff816edfc0912b69f9b3e868b3a3b48b10da8c4e08ccbe841cf85
SHA512 76c34d3f32c30a2e227c739010375ffa5965027a2e1631658dcc59c9a78a9664cda1eb82f3a52c5dbf07f8d63206f5ce9fec462478427553ca232b1ea088ad31

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 99179b616c0522e108aa498e038e64d9
SHA1 113be644a7cf00b46ac81c4d57d1ea8a2a6f9506
SHA256 1654484b4e50b3533c45e81e60fee4f76658b311610c3ab4760c30e6113c4bf3
SHA512 d0d8d29fdc5c2bb414da7f5877695b20760b007f5be599342eebf0247474b4ba605e3a8ee9f0ae0c3beb656027d1863e106216cf93ae31e43080566f8537cf59

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 898c5a4791c5a0b84862d1a5adb040a0
SHA1 61745d9416b56df6d216c109b1445ebf9341df84
SHA256 ac16d91e56a3d9f64da9ed2a95a991e7d759da52c7261548cccfc766b2b7e386
SHA512 f21a6a3911e193fc54fc14e3004d7c115541173f36a3cbc0888662c39102984bfa17f82d1e1c511f9f066f0326b03afda5420052f7a8f0834da2570809677dcb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2a3d185ed9791187b44970a208012887
SHA1 2541e1c831f28cad241e69af4fd815914d10a9cb
SHA256 acf950b91379d337a381d7e7030bd8492ff6ec52cc7ab08106549dc4e85309e0
SHA512 7295ac91a526cd697b51e76ba1f88f442cb573d93eaffc549d5dd8f73fa2ab255750c10139eb9add21356ba62266ccbee33e10c8f90e8e48acb058d5f6c6fb7d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 813f53005c22f66edf1a96ba18df8835
SHA1 87925ceae8f071a6111739a92e672243ca642533
SHA256 a994e822b1e8aac134bac9f8c3e1dc2c1c4467caa6fa3053b361d417eae77a00
SHA512 2f8efc244202a18d4ec8ce50f35a485d3d8f77fb6c71fc7889790c7441cc6add5623688fb3338e8b48caecab56e13a2b2fe14e2baf548deba1686bbd40c9eafb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2fd4efce75910fcc645af9b794e63414
SHA1 979afbbfd39bca4992c4616aa22300af06695978
SHA256 d796a6fff25cb07a3b5b636e795d83c2c5f003e478b1b73d6e28664938130477
SHA512 dc6ff781bf13a7a6520f9c6ea91f2c3188b56b28bd5c0886f0e5d2e0b2c1bf10a8c57c4dbe7b6252c898f7031324c632789983dc12fe4da47d4bcdb2ceaec239

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8caf8c5d4bf5f20dd94208271db028ca
SHA1 cbda554f30e5f4ea6df3d2d1c84ce41acd74d834
SHA256 6cd28778c91267575abadebe4ac80f6df507489a0b2350eb6bc07dd7a8159b0a
SHA512 518165f5f17bc40fb07bd0a18d7a55cc934abef7f9ce2b485ea5d90869174316a39c5401c90fa5011910bdf5db43d299fd3128bb5abd4a24d27a683dec1dd5e0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9ea1f57392f472349a2207e7ed12a28c
SHA1 4200a85bf46a65b760fae49e06f7e940468a1c66
SHA256 89860a265d089d7426f10a030662282f64fce9ee5e27298e49fcfb4df9793cbf
SHA512 280764924f2b094a80d904ad8d87484212df7e7fa6c3c36382d32e97b627bd0530dbc3c73318eb286ca1d8530bdd76b96641a5b3a6120bf2da832e6593517438

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 701b097717264fd0d90a4f195e8091a1
SHA1 58379087b508e81a24e7c61f7a57323dee495150
SHA256 34d50f4beccd18f853456e6e1d6513a3b7a7ee80a1064d892cc04c7543bf29c1
SHA512 348b9af9413fa6ae4c0de2d44f1adceba532d07c9e57834b5c59e28f5ccb0f85198faeb0a1f3a865012065240f0b78a0714d9843dd08b10c088b43067c9ae655

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\PARVXC1W.txt

MD5 d6e163926df76b3c7a294c1d84c5f72f
SHA1 28149cd1150b5ba6ff76ef26e0fd946b05828654
SHA256 f51065510799966d7b93263e7f4242efa450248a557fc27844d84306ec7b9dfc
SHA512 13fb088873c7c514f0a0c455ce4674f64d6092d3565761acb555ece89dddaabc593a6c50051b6ba98ce79ea694ea881b33d80c9a19b9e0902030a57e1d6e9654

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\b5XvfNix8_OHs4DhTF-ooplQTMs.gz[1].js

MD5 b3ca28114670633e5b171b5360bb1696
SHA1 683f2fb3d4b386753c1f1a96ede3ca08547f0e02
SHA256 a8b7da1f71211278c07582aef2f3f2335b7de5076e5708db6e868ee6cd850490
SHA512 bf71ac8f59653b8035c1fb8555b53371610ae96c1a31e7bee02b75deb8e46c68b46a29dae360c579bcf9ab051f5218edbd075567b99a9fb894e7c50251676677

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 59ae8ae950a161cf221ec93b31df8933
SHA1 e0966d399e977b01f9738797744bdb0d46d106e0
SHA256 0be27c585f1eaed3d273d38f1e64ca80f8f594f8c00f283dd4549c1812bf2ae6
SHA512 7fca4890d996a2f601ea66c2fdd57addc43d9675b7d4a3489418f2a50b44d39f52fdb36c4b9e6ced7155041168a46cc813748efc220a2dbac37c0b66dbd7bbd9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cdfb23a488cc260e106b4f12b2525c33
SHA1 4e624862438364dda5679bc2d8c2eadd1c7767e9
SHA256 4ec4091172a5bc4a739a4aa2a63a0759b067f427ad7eb1c43943e5331b2bed3f
SHA512 61ec4cbdbc121e11ea6255efd433615a4f93b9c2b0e53f89d4af920e215c96c8028e1bb3e5f8589949d9b3499c42b36ad06aae194c0483f470b3daad1d5e5f07

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 717850210a80844b64f6c098dbcda457
SHA1 41d64aa5418427de803b8029a4fdc539978639ed
SHA256 e87fbd5a5a037d5a3d8ad83965a964966b0f634905d26b450f87c6bd69011e85
SHA512 7390b4dadf75f63319211c7a45a8039129d42487d6dccd4ab873d2ef4bc4188d2041936a607ca190dea6ebdfe35106600cd7a548f03523154d2e05d48a6a4706

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 58e05da433ad20d4a6639bca9459a0c5
SHA1 33af5bacc81502d6caae2aa19605ff0f01ca9527
SHA256 594030e586e85fec61e1713c370f142ddaeeaf8ed2e5e835163679eb4bfd937f
SHA512 3b6ea0083cf82d6690d5b21ea837c5311f884bba4c36999362799b6375a889688fee54ccc269f74d04a80b09ad59df56f20f7faa4a0d660c86fc6ea8b6475dac

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e53d2ffbc85ec25e32e6a663d3e0394e
SHA1 948a5990bae8b94e2f8bec22ca7e8fabaa0178f4
SHA256 cc1522348f1dc67c86e2ad9d7a8388885abf3079b8af7b953a95976a73d4e5f6
SHA512 d50c62b7268ba800dff5480a93b6785421023eb13b3681a9c0786f2482e601c5a5caaf1dbe58734ef1c8ccb77baddddb3f09157843b6ec3e76fbb49eb9f7159f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 673cd9daa3147e2d18b2e6fbe581adfe
SHA1 df80794032a7e8fbde02d1d79640514689c1dbe6
SHA256 63134c0f39cfa2a6cb8f66a5c7e506506359b9a487c9a05f15a8538e0e442226
SHA512 3eefbf29c265e35a51abc7b4058439e57513f8e82619560f69b96ccae7294e6c02cdc94cd1c177dc43693ce5be25ab97fd4407226ed5417397456403e573535c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ceb43330f476381a99da696e18881c5d
SHA1 fe7489fc875b76390032f1a10f55a05b09862356
SHA256 e45c1cedc798b7e8c4e043951e5fbae227c7f46bd301d37065f69f5c488713ee
SHA512 96d877cd99b07ce93624b2a4d2b6bdfaaf14c34330aaa2a79a28a42a05611f455502aa8c524239be10e4ecc5cdb1a4384a28a643ae5e1fa552f2f9cee963d239

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d2ca70ea380f226405f5ddc6e6015359
SHA1 3883df4eec4da12783f32faad850379b5c85f071
SHA256 920c9252806b4fb9dc00c6d5ad38599d129010a29df61bc87c5fba72de50880e
SHA512 30b749ff11b54ed2becd6dc7c266f738fcab33fa26bef6ab205ff0bdf54990b451781e68c518f0227e5c3a70dd16433d8f8fa14fe5302fb63ef92593bf39d6b6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6ebf7f1b6e863d10bd5713f648874e69
SHA1 4c17979c4770b632965fcf7dffc1e4f1226c8c57
SHA256 29bd8cc11fe7b4c47562f3f16df5a35493756f4a4a5f4d18bd30c5204de362b2
SHA512 4e2ad7dd382eb9973615996713e6517588ffb4d51f363f6627d75678d3083abce154dcf7903efdbcf05199b1c53afcea620bdf16840d8bd435b30a422db9042b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a3baa5870ce82d3f16cb98208da44184
SHA1 12fc8a913672c42c7ecec4494da378b78ac639c3
SHA256 e266e1e30b2bb83b719c333765286d4afd5aadaec80908ed59c876cb6f72880a
SHA512 5df0be8b23fb8a2dedb249ca26bd8fe1daede58ce37e3f640add89b83b62bcd6485d94e3ee7bd64370e94028da4d0a354340d9a7faa647667222daaaf9793eb1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0fdc88381c8679678ed7ba21f9b4a71c
SHA1 7ba3eec518953c26fb2abf088ac9e9b06cb9a1cc
SHA256 0fa443122394b7f68ef0d0817724aa0a92380b224b7615d1e75649b7f05a205e
SHA512 6b137161d382c0f1d937734b3a2c3d2952d6fce2de966b6fc9f1ba971816ed7a8159feaba72f4085742cb11778f42a68ac62b7ce586e3260e15c37058010902f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 66c9021238214d39cb30b1a72e055de4
SHA1 e2b4ad09103d53683a789f71a9085ee0ba9477dd
SHA256 9e44508e5dcf400e8469d28a9cb7acea14f364a1805a9a86b19447aa1a075038
SHA512 34f181124331d4ced9f7dc8fd8aae26f6390dbf213f730d1d209221b7e8e34cf48b0f8b9effc71817f8e34546a33b4e9677f2779d0cd350e7a347a112ac61f3e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a9ded301f7bcfdcb2d7c40ad1e323a05
SHA1 23c0407b637f52bdb0f75c045abbb32577b193b8
SHA256 006c93d435a1308ea3a718c68516b6ed5f914f4f3c5e88e6f60ca62798044f80
SHA512 228764b368b2ebba9f46f382515602c84982e7f33967154b5f5b015b26595386e45893b64916a7fbe7682b9a3c3a6586961a0a5b92abadbf29fb58c96e4a1791

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 63a92be6c31284dde025464cfa6d6fdb
SHA1 f11f419970912d41d5adb143c68ae5a9263cbe6a
SHA256 1e21a1aec331247395129bbb1c2f007e9bf079b3dea7af5e741d513dca7de5f8
SHA512 7fc7ddbb227925df2429e91dfd929a2e38414a8d1575059a0400f1a523cad32055a798c7bab504e6de197dc532d35029d7f8fe5c6af246cc92fa6ab55100aa39

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b90855e643c5e9563ba8a28fc62f55d6
SHA1 53ccda352b8e98d36b30b0d690fa8854446e6592
SHA256 d50bec7795059460b6f08024b2204d45aeb0a10ad0d7e9200862b4dc9a0f6d0c
SHA512 31053b54420b0114e98335e8f8fff852f0840a6a74c693cfa720e08bf88100ece098b1dd051b4566dace051bfc72756053d9e63b15099612a8229d67ad15e0c8

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 cef6aea0ba85b419ef220cb4b7ff929e
SHA1 a3f21df9bf833ff5d16cc2cdcc2608362f8e06bd
SHA256 f5dd830ca04a3e8dfe8879d3acfddce9c0a48bdfde454ede5d654f765ff6311a
SHA512 d2e193983c13a30aa4240cdf7b025dc8d391eb4f3a26c8c38987b0a92c6eea1a97509edb501d4838654e5890d890a254e189d6d9405ca3fc6b0d77f03cc5c85d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 740890b91937da931a0c5457408d5094
SHA1 506907607407a68c9e070a10db16fd6448efabf5
SHA256 0375160e36c1609de102da6a2aa8dcc41189cd24f5e0d911584d328d48e7b7a4
SHA512 febff6b1fbafdbf4cad974c26d13b3bbaa6ad746b3e482a19893483b7a0541beef9c0e687fe4424d8e03e37256243cd08c44ec24f4d7b01e3a46ab0bea98d285

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6f70ac9a21c69fed7c113b6ed17ec3cc
SHA1 3526a831eb00fa0f46e70b196c16b9099403e5e8
SHA256 69a6cd172f730fb186cafaeaf3dbe2cf73773cde0f48da8c95b0e55a29e74fa4
SHA512 1a1519203e54dac542c15331fbfe699e4398e7e8a3cf3066c259d7e426035c07a8583ad99ba5c40cce5fffd749103e169795bf1056bce0b9a4022d25a2d1b3df

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 ac89a852c2aaa3d389b2d2dd312ad367
SHA1 8f421dd6493c61dbda6b839e2debb7b50a20c930
SHA256 0b720e19270c672f9b6e0ec40b468ac49376807de08a814573fe038779534f45
SHA512 c6a88f33688cc0c287f04005e07d5b5e4a8721d204aa429f93ade2a56aeb86e05d89a8f7a44c1e93359a185a4c5f418240c6cdbc5a21314226681c744cf37f36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_A7725538C46DE2D0088EE44974E2CEBA

MD5 a631c4977fa22a15f0f202d5e9c66da9
SHA1 26862c28c1c27f99b099643cdd14b1a9b62f701b
SHA256 c856191d6c71811d4583c2ce0306bc04f670a4b7844b2710de416c1ff923e351
SHA512 3a961e957ba978f9b88543d0ed66c47499f7d94c41bbf8c02a11122a1e0bec14eac9c526ee9ad10fdbf10a60441e6917874b67a0d2975d59fb21f71cc577af4e

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Cookies\VH0GM28T.txt

MD5 d238089dc8539b87f2dbc21de101396a
SHA1 afe2fc06cbb5e26dbc7e2a11c63177c539f246b4
SHA256 3e8f374ac63349f2ce60460252b5dc642d6cc1d5d97fb1c60ccafc6fdecf0776
SHA512 f0d965eaa0a2a1de74fa7bf4467eb0a121d52834ae80659899755439f190f59da9cf881a719da5c3eebad8ab4a93c98e41f6d0b6a5911863fdbb7b4b4b51381b

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\1YVWL6AI\favicon[1].ico

MD5 f2a495d85735b9a0ac65deb19c129985
SHA1 f2e22853e5da3e1017d5e1e319eeefe4f622e8c8
SHA256 8bb1d0fa43a17436d59dd546f6f74c76dc44735def7522c22d8031166db8911d
SHA512 6ca6a89de3fa98ca1efcf0b19b8a80420e023f38ed00f4496dc0f821cea23d24fb0992cee58c6d089f093fdefca42b60bb3a0a0b16c97b9862d75b269ae8463b

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 32ea4b1e84f90d9b8ca50bc09a2d52fa
SHA1 d6fda453040242076136ce9b510d865d5e3a3fce
SHA256 e7740a5b2110539e8d00994397c0c4dca31d8847e3b068baf066da02777a6051
SHA512 ea2172bdfefc876e2c2da27b321725af1f697021da48621e49617a46a1d7fe89d853568db5109358d912e1b1ecc64ca8060b83da05fa301855469c20d3791f20

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\favicon-16x16[1].png

MD5 7fc6324199de70f7cb355c77347f0e1a
SHA1 d94d173f3f5140c1754c16ac29361ac1968ba8e2
SHA256 97d4556f7e8364fb3e0f0ccf58ab6614af002dfca4fe241095cf645a71df0949
SHA512 09f44601fa449b1608eb3d338b68ea9fd5540f66ea4f3f21534e9a757355a6133ae8fb9b4544f943ca5c504e45a3431bf3f3d24de2302d0439d8a13a0f2d544f

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\imagestore\d151rer\imagestore.dat

MD5 ec30a3600ebf43b20d858425452c87b8
SHA1 978faf62bbe4205dee997f5755eb55eefb05a3be
SHA256 02c3dd4549dac453a44f36d6907e59ac752db7aa69a575694425fa7416e5a976
SHA512 584adcee427a667a4b3d2472dc55155afc40374f75653070e637de4fc074292e8ed047b80214e6c89a5e0acae092048b3ef5add1e44a7b08e9ef5b4a73120f25

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\main.min[1].css

MD5 6f99af3e77c4d402cebf019190ce6b37
SHA1 b8f483ffc82a10d8cab205439b8345b407a6ec59
SHA256 a07180517b0fc62d517cfabcaabf3d4a02fbebc31c378d2d3db8ff284a574063
SHA512 efdadd73845818474c8e663256393d6092cb60083e6fa2ffab785e4cca56a7ad5bd0b30603704aeb8accebeccca10b40b9e248658e5bbba2e811172e5bccd172

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFHPCFFP\css[1].css

MD5 174a4f980a382954c9b0aa319c342eca
SHA1 264daa21b679cb370b854f5829d6be567d24152e
SHA256 aeef1a74d5611e075847c2ded762af12a7300d1f607ef49725084f072122e698
SHA512 d6bf6665185ca7fb1e17becb3a57637c4665932058ba5327a080738b1d264eae0fdacbb4dfa6fe0de5ef648c0dbba37aa23cf21991c87024b21a9e5bf20005dd

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\L6MCRSFJ\css[1].css

MD5 1bb2a157e6de2f7e7078a5aaef8516a0
SHA1 877ce405de56783d9351b524cfcd0c7da02627a9
SHA256 20fad8097502c4e4256f6acaa5a88a4f71e48bef44a3412d7cbaa54af6d1aa94
SHA512 c8b65df2b6653a4681a5a1967b2e8bbb53b122abdb78c849451f0862f4c063517a4e9270939836a4f18d210d08c0b7cf97794f5b80d2ec1b42615ef97297c98e

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\KFOmCnqEu92Fr1Mu4mxM[1].woff

MD5 d3907d0ccd03b1134c24d3bcaf05b698
SHA1 d9cfe6b477b49d47b6241b4281f4858d98eaca65
SHA256 f2abf7fbabe298e5823d257e48f5dc2138c6d5e0c210066f76b0067e8eda194f
SHA512 4c5df954bd79ed77ee12a49f0f3194e7dbf2720212b0989dad1bc12e2e3701c3ef045b10d4cd53dc5534f00e83a6a6891297c681a5cb3b33a42640ae4e01bbfd

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CTTGCPI6\KFOlCnqEu92Fr1MmEU9fBBc-[1].woff

MD5 40bcb2b8cc5ed94c4c21d06128e0e532
SHA1 02edc7784ea80afc258224f3cb8c86dd233aaf19
SHA256 9ce7f3ac47b91743893a2d29fe511a7ebec7aef52b2ea985fa127448d1f227c1
SHA512 9ad3ff9ed6a75f1a4c42ab2135f1f4a51a4d368d96e760e920d56d808a12b2adb4b524e0c135d3c1b3027ffecb2753293b9fdca6b81aa2c9bd6326743c669468

C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CFHPCFFP\Qw3hZQNGEDjaO2m6tqIqX5E-AVS5_rSejo46_PCTRspJ0OosolrBEJL3HMXfxQASluL2m_dANVawBpSF[1].woff

MD5 37392a82f2d94c9236b8de6b2f3e2a5e
SHA1 bb16b62b552b9e84edec4b5bc3a9ee08993885d9
SHA256 d146ff1237c2312060bc87450cbae69ab86184f7b382521394c6034743d4e1e2
SHA512 42b0f2c5b291c5e40a753a9810b22156d1d96c42c8725d4052e35dff91167cca6ae7fc9e9035be86476dadbdf9190574d1bf72dc9dd7cd14d0b3a98b1798cc99

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4ae636aa0f60863020744f01ae745e75
SHA1 89ff2a01989ec54280cdcb2fa80206ce0bf4f169
SHA256 acb26a3cd624aad3bb8cac6a1cdf1aad0f152241e1d63a7175d531fe775d5416
SHA512 40f373796d038321aa92ae62e417fc11731fbcb5034b73161ec34cb7aa444c72c95890e20420e59ae5a1b1f731a2b753690a478bc7557052b641958733f5db8f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4e7b288979ef2755591cdd3726c8a9f1
SHA1 61457844f37497945f1e4c6f0c572081ae85aed5
SHA256 130761719faf95e6dfd2088d4d83c5db39f60fff01473b5a9f0c2634a5dee17a
SHA512 d4a8d12b3e3b5600d7190f18bfb1fdbc9ef3de93c1ff4fa99fffeb82b52368b5400c7f083bbec6eb3b75ef4485bbd7983529d5bcaf8255a3bbf79c8c16b64033

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 09a3171379f3d20984122d680a82e39b
SHA1 47f4f99b19eba5e886649cadb268ac05cf5d004b
SHA256 29a34a867cc93dd7ac8781c9d58f9519840724dd8b3968cb3a8667d046ab8a57
SHA512 c63d6946b3fb05df67183d716ef2d537e03b5bc1a63769a5e1ccb6e1ab3be505fa0bf76eb682d9e05ec614e153c6db9a04c16883548910e1bd203b3d100c1ed5

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0cb1bb100d142f6e1b85cd19d6c23e4d
SHA1 5601445933141690d39e7318f8d286c396d1aa35
SHA256 6b9c6fd41abbfad2529da42bf21f179f7779fc6dc6ec98e71b9afaf5e05bd2eb
SHA512 477280acf6c0adbca21851a1ca99ee69736ee8c48af9e996d874830c0d6f47a245c63bb1b6b02c12c1ddc2e2cddf8370b262a5e5842d1cc5e93585a5a6f84460

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 21130bd146a5d01c63737644be30856f
SHA1 c455e4c835ac78c56de1a50b12eb197f8f385cf8
SHA256 178ab9c4ddcb4666d6c05679eceb7b437199178db039b2f2108d780d96e400d0
SHA512 0794b03cea189ed59d9259b7bb0fc911e7c169c23f6da5c68b2f1011b47c4d8796096c08eff433d470d20f2e8fdb268c5d53b33b5370a80d5d71e4593aa06fb4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c3609b1cbfcb0eeb10462aa5c9ba9825
SHA1 83dc6e580c5c25dc7792e9e94c3d54a044772c11
SHA256 87c964452b2e0b85a51e0a1e1187b10fbbec93d2dbc4cbde8ac5593f9960f9cc
SHA512 334cdac5a3b2016701f0dda4237e99c6a70cc2bec9cb370ee5e5047561a1b517bc7c7217d4faf4727f6d83437e5e385b7930074d882237612a0dda6c336dc09c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6b4b2831a6908f646673011d16c7f23d
SHA1 b482331ea803d911057bb7f516cad5dfa08351f6
SHA256 4fb7d26a836b31742d54927aa8847a7007b4f24a6e29f4a7066685e469f3303a
SHA512 50f21c2600946c27991a55d004bfcbdb2b7381cfdef587b1aebb9e7a97110c5643e194b53a22ede3733d3458e7df7b34eb3d7ff0c2dd125b6885d50a45684e61

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1b461f34d77c484bf61c1de9197c4d7f
SHA1 e715b727303578ba1063289df21c640f1d94bcf1
SHA256 1e5de678b60196c26d97a41b2c03cb04cf39638af610dadff911fe4204840e12
SHA512 8dcababfa0c319e32aeea49305ddce60778ffa6d05043b0ea822fe67aa7ab8b7e98f77a8691061e80c3b0911c95d78e28d72293194981139cbae5becc50baaf9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 adac2cc37c94f40c8fff8551556644e5
SHA1 b8e42bc0f22e4fd8575de3152f2013de85ba5b0f
SHA256 6ff49848dc49c940c72e6315843d4f3b434fb9b37548827e004550e1cd2c86cd
SHA512 6865f4700ea9786ea8a6c11cd923f413c170e97ab58c522f631d3db173bebcc35fc254abfd92f581fe7ff3a2defa4f58a424b10b333bbe3a9679f38570264f3d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f4ca88af9bea6f6060abdddffd2a5bef
SHA1 db55a5eca401cd7f2eb270badac534f092e460ec
SHA256 005e7c167c104be6a476a4a1701a9bc7104a47adf903c023ce7fb07e4e074643
SHA512 c238a5d30dfd7606983210043ce64a3848214632cfbd3a0e6bed3a63eb4c77995f490d0b376bb2ce40cbf9a5013df0dc31ee8e9cc0994001c5e7230a647fd96e

C:\Users\Admin\AppData\Local\Temp\~DFD21B46BACC5B4317.TMP

MD5 3fd00fbbda5d497d40e61cc9ff2dac64
SHA1 b4a5d7dec8406e418c62f8b0fa92e5fe86b0da3e
SHA256 db329a464cc5752bb8052dd1d731e101e63e37ef0337ff5d9032d3e3b7409d22
SHA512 e42d74fa3a89e9da0308deccb5e5eecdc36602bb480030f76ecde29759d34d3062f832dd07df62ec0e8653364e1589897e82f9061deaa104654e908e6899f933

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\SKWJ33HIG7QIE2HFPMS5.temp

MD5 0c8be897dd71eba4b13efc53341bac61
SHA1 2460d66691667f8da8fb50b48d4e15e92d925908
SHA256 ea73e3af8e82090708b73b7cd42e37504c31b3eb413f26d5c4d215e172eb4f0e
SHA512 bb546d63d1e6370bf7d3603e6b734a008524696ccc3c678fb519c61f660f6eb7e7ad07fb32bb8708125686877a8d7fecc2a4cc78a7201efe8c19f067fa7b2856

\??\pipe\crashpad_2816_HYSSUYWIULYVSRSV

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 dc9e1d38a3f72287f1503bd258986036
SHA1 88b7a68d960e4fd946af97ae5a3125adea93eeb5
SHA256 dc73698990acf909e07054c50a488572424ce37866c6106242f716225f1d5e29
SHA512 b1210f42a98216b9550ad7d8e967e253b9b1c3c5f834bac7e0e2533046f0ddb0c5700817fb33b8205730163c3c4d605e1fca6806b803d4d55237b6c63ad6de84

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_8CFD0F060456F65ABC9E95E41A1F781C

MD5 41eab36256dae1a1838300534cd384de
SHA1 9ed72929ab4101b03288c09b402c6e8119f3390c
SHA256 73e6a147f5c669a865486fb0a112bd725a96a66bc2754d71a9920865749650d1
SHA512 be8b17237d506263040b5fed5dc6276ba3ea1119649259d652ffeeacb7744c06ec180f9cbfb00975c3a5e2e75bd86f932e0a8c33dec95104cc594551855b1b0d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 1767fb4bf4a586991e55818433de8d20
SHA1 e6d5c9dfeb100b35bedee6ec58849133f712d217
SHA256 6e454ed6e4d49d896e59d3712f5873ba950f95b4b2f58802bac434dfc4cdcdd1
SHA512 9c091f1fefdae83f188572800526d102892a07ecf7fdfc3261a62104a12ac4c6a695936be4ba4eecff0fd28c6380ade3a43501c5f775796a4cf946c587592e24

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\A16C6C16D94F76E0808C087DFC657D99_1C8038BAE9D4E52C4463A14FAB50BBA7

MD5 ec3fce897cc6ffe3c079dae23f6e2bf0
SHA1 0a6b3d9206a84eac0cefd6b46bd54905d0b4d86e
SHA256 9aa633578c5cbce21a2ede34b00dafce7d9c1ca876d33cc088ac91460eebfbc6
SHA512 7491655ff52ceddbd1d91298be82a73e45d6440046b0a38f2eb3d4bb2dde4f051f794432512135019d22ad025e65b710bd9740c0c83a4367e7ab35fa791a8a10

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 f2d0700bd7e9f92e1324ee651cb075b3
SHA1 6c44af9682dd9432fc80aa528997e529b73d2e4d
SHA256 7b79e17d313fce604f772855084ff5106fe267533984e8bd523fd5c5575353d3
SHA512 0584191262ada47d821ed6f0f70bad8b6f86f3ba85352d192bd7e4980c134c9d70cdb9fbbe54df324d48ad15dd95e969907d5c44f7adf9f33f5f9bf9c1844919

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\265C0DEB29181DD1891051371C5F863A_DDCF8A1BB8132E191B1D87188F0E5FF4

MD5 0ec8c4625a96fce92d08ed99eebdb5c1
SHA1 1776374eccf9834d1682c598fec0ee903c378446
SHA256 ac4c19e0464294ed9401c31cb151dfdec116da8e9d8fd92ed96041e55164b477
SHA512 01aa62bf4325ec69eac9df3a48b3e2699646e8e519f203d67007c252072c527329ee8634fd9d3b4baf2668f3b77a8d400d02f747bf985820f738238d8b0c0905

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 6ad0d5b98a37996640aea15e2a81b9fc
SHA1 403938b2a1a91a9115b17430f39d205838f8973f
SHA256 5fb2f17200cbb771afb846aeb6dd6a5af66147b29a3bf3f2a9cd063400305736
SHA512 713b474d15ed8d9b584f17669974223efa79b33e6b9031f8bf2a9b46d27e689b9c309c0d2d1bf24800e675f3f3b9d900858349a3fc6b204ac727b4d36e495867

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E87CE99F124623F95572A696C80EFCAF_D50E9269859FFB5A738F673D82E63752

MD5 bf098c223b71ac93b114a14be1555032
SHA1 5c9f61ba32868295cff0f5383495bc4271a27b8f
SHA256 e1e82d0a02f9424a3abc7b5ee173429bcdf35202026556bddaffe9a6c2c3ed3b
SHA512 c399f92bcc415751c2ee507d53b0476937438630abb629e80e4a69873d586e93412fe1d009bb7cba8445ce5995520f95312b124f7bbf97e7de1c513e3cbf4c65

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0594f35cc7ca968c6669de0144936eb3
SHA1 6cdaa43c594976eba0134dd4718e20a1bd5487f9
SHA256 b64dc45c736c433d01272f8d46d6a1581e2067655170470075d9c197de491bbb
SHA512 c55f72b5ebe220e8bf1ee28bedfd8b0aef308288f581a9446650090018e72c9e3566a85bb9959a504f9366c56b2338b6b435633c9feeb01c3285bae6e3e7d28c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d645f9c08786d103dbf8efdb7b624319
SHA1 df231168959470380274e9f18c91731581188356
SHA256 3d2f451b4f60011450ce4d5b3a862860fb4f2f8b02cee691720d39462d16d9fe
SHA512 450c5cfdb29a05a8fa973dca8a75f4435ba464ea073cf124cd6212e5a51101215bdaebf3627eda5d9af054f0cf301bc40a558f35aa3dbb72bcb8de20fa0c1061

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 135718c43286d756d536a6f74f727f8b
SHA1 b95f105aef864e16d42b7e95bf3fe35b3688fb2c
SHA256 cdf58529f9ec5ed5e070d70e400a09d3776bb29f9af34266da405fd24b6386df
SHA512 e0bc204ea55329025efc79efa3050486d54697dd4b88e8e22c2aaecaccc73f7b052a169554d30495e4a505d969919940929efde263c99658b6072748571245b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6e7132db0169b99bc3d88c38a91a7623
SHA1 bcc8d8180da391c9ce2ce1b69f9bd079bae543bb
SHA256 b5edbf10f2339faaf66a3829d88359487c773d8df2f127d90016c50fc2c21d79
SHA512 8ffa99933762805fdaef0086afc34f068cc0a8dd62f7c6f463381ebeaaacd6a90f09c30ffdb58ec147d06a7603afe672936a5f60924daccfd32951b73d602ec7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_archive.org_0.indexeddb.leveldb\CURRENT~RFf78f132.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f9b8b89dd1c159a942c358fe5f800f9a
SHA1 c8867bc6602ced55259c27aad89e714e6b6fb84f
SHA256 02f13c26066cde01db03f50038e41ef91b00dcedaf1232cbd83025e13e2a16c2
SHA512 9cafc7693fcbec8253e9d3d39965486c1cd85325d105384d16a6b83f0714ccab0f6d1f1fa5d2a3712f4cc96e966ce452dc115d449adef8d3ad4cd11790b72907

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 72b503c289eafcc248d807ce5d16fa70
SHA1 9493c3819224d8d6c40b871633ad7b5809bf7ac6
SHA256 d59fcae13b4524aef82f70c755aaec182695e6b769efdc57403414249c40fa2a
SHA512 20796dcb85f1a766da4f61fad515d76ead52a885ef3b0e3e687d2dc4e629f44099dbaf8d27d92341243d4e8ac208c0ef83e04c51500c2f4ddbf6ece15121bba9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 745ef42f2d2bb6e760e2f1338b5c8326
SHA1 db0dee428f65940082cd0f506dea994e2dd44a9e
SHA256 ccb25af3f64c074b556dfd184af7876aeb53db3e6c6ff8441766761bf11733d4
SHA512 713cdb83014fc6628c62d1ec96b46a943cdf78167379c5df5fba0db09448b05ccf3b952364bf67a654b6aac78648d6260a341f50fcc203a1b4b938de37b80c1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 1128652e9d55dcfc30d11ce65dbfc490
SHA1 c3dc05f00453708162853a9e6083a1362cc0fc26
SHA256 b189ff1f576a3672b67406791468936b4b5070778957ba3060a7141200231e4e
SHA512 75e611ba64a983b85b314b145a6d776ed8c786f62126539f6da3c1638bf7e566c11daf18d1811b07656de47ff8b50637520cf719a2cacc77a9d27393fc08453b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5872c22f8e52dc07401f730b41b788fe
SHA1 0a7bddc3cf3b8f281822388984d3af0d2373636f
SHA256 e49de5ef1968d98ccda2ac2917eeb7a88429ee8997fe63d5c2408876118154e5
SHA512 0feeb1b891d77d8c70d4292d9f0701f5a4f279a242bbf3f1abb034e38449b641950f9bf7d06f6e57eaa68dd36b02ffb08ef8e2a1647129014d61e9ba47c44a5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 947e99341658af3f55b7043e9fe86d9b
SHA1 50c97fdd8d34bf21248bad757d499bb9bf4a9b0b
SHA256 ec5e912ec0f5085fda33c5122179e73d1117d7802147a4de8fd4a3d8218a9675
SHA512 47073d6924ad5f514526e185259834a5b0ba99ee9bdd7bff8fe49a691475f5eaf1faa62ca44079d553ceef0def347b154885becf86cc357e2b1e259aaf94d068

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bca7e975070cdd8851c85221d0249ab6
SHA1 25e21085d3b5690d0bba228bfef726f552327002
SHA256 d61e5b376ce2e7b4e9b28b248a34a248f7f3294d025476eb0bed472b7705cbf1
SHA512 b4ad7270e60cc011f3f3afe9c443ce47495195cd728367839dfdc16ca39082d8356c2c37a29ad6aa053c2a46d13a9bf4fb188e65753e494311413b65e330ca8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 748c010385156b4a4cde3f6557c69646
SHA1 004b83f60d63873fe3a25a1b2f72bea182d7e446
SHA256 5b9799824b1190d08cfe2e067896c75b36ed583701abe163c5ed6bfe69900bd9
SHA512 90b58498b6750bfc90ad3d54c9fc264289f89231408f25dfac5f125bd3527ed6e335b24f4dbb5aac5604c3d56bde586294bb93cbd9f8ba51e0689566cd32ebb6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d45a8d4fb59e77cf663c7ac4eef3ef27
SHA1 2a8a3b38f790bb2982184e143e4cbf2113c69b02
SHA256 ac90315016934932c652e35c01a7d955a0fa186a11cb7004519a393f8706b3fb
SHA512 d18a3586d34d1d78aa9151393b70e051de6d8233cd6f9473e134d0e94826be37a732c2a7bb06d1168abc0a0c40294f9a6f60cb14c2a140705c9f14d052c6de64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f26f29d634f8b4657f45e110e815ee28
SHA1 cc0e0796bbd9c9daed885154ee13291842a58875
SHA256 26717781e8e896aadb8fc643a787b3de2b380501f2193f0efecdb9b21b2d237e
SHA512 7ebaef67dfef8bc696c20594b4eb5ced4aae12fd44c6a81344ee639ca77d40929022a38cda1b8c3c52e6f4ce7b7a7adb0a26b4d41f3636ad56b1c70c5164dec1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 3ba7e6919bc260bb6ab523197f2be3e1
SHA1 ce2d7fe3aa42d99d733266d023f6aef3766e7785
SHA256 1032fd6f298c16aaae3f1ae2059591f2f5d40e839de4f22a5bb6d41c38a39818
SHA512 2806c96ff57678813e20abc51ffbcb8ebe8986b3775df5d42812be6b50c905840503486d1b963d1fcc6c3de572da4bf9ee175b802032753785d3de69fb0768fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a9ae791f-a00c-4778-95f1-3ef7408ef58a\index-dir\the-real-index

MD5 3e2086b90cbc9b0b94f62393b8b08765
SHA1 9201fedc3cba2e7ac4895b83d9f052835cf31d7a
SHA256 a7817cf3deb647ed73563a9e15dd9c19f096d3118e44e14cda8dda5083c4132c
SHA512 2630b89396bfc627cf0c3b798cc7f9b7b44b1e4787e9ee7714f24a10181c3f5206e0e3eabcf9a143ea30f70fc6c27c07f9539c237f68fc4a100299269d3d9c8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000004.dbtmp

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 d0f77d966a3434be22760c11888077da
SHA1 e4cb9743eda2c7aefc5b170cebfa9709d9c99f31
SHA256 5db70266d07f1e963e61c0f26f20c2b422ca65c850c729be9bd0ad784afacec8
SHA512 5aab2252cce52f2842d4777fa1c4c05053568b9dcd91fb368ecb4ee01a4816368343058c10e36c86ac0718693f3fdb52315a97c0371d7d1dcd6dbd252f86268a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\dc600966-07b0-446f-b052-9eabedc69892\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7db3ffc131d4db2e3d30f3def8458bc3
SHA1 66d6d89b63c14f556a40c8947146a8ceb59cf7d3
SHA256 7c3ac17a7612bcbb5c4303dd34664bb98776fd8a9362297c7e551e8cb69da0f8
SHA512 5c6c8c65bb62e22841385136086a64dab5a9104aa55468e217e2039a9d0b93e94c5c36ea9c1fbcc742feaa3b15c9a25740cdabf8b51fe960cd9acdb1a9adc825

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fa938081aa104e61b11b0011f447a685
SHA1 69a00e4398f11e65576649160db43f988ca6d771
SHA256 f2c09860ce8b1d112cd4ba69579f24fa8e32675e8610b5e5fb758f266c20c041
SHA512 16df391e06e5efaaa4f04131a38923bd5da80f5002950d0fdafe8195bcef52840acdff41f445c70b8ff3b258d43423936441f72db09af1536455d9a9635db227

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 74bd527c4146e1d166bfba903acdafb3
SHA1 f82db073826607b1db8fa7fe4be2971fa8c8fea1
SHA256 122a150ed463f16267e66b62022ac6b3902ac3a3ea0e8dd22de539e8d7f0ba38
SHA512 210c860fd948a4281c0135abc03f11f39a7d5a11e9fcc22cd965eae50b2d1c3b55fc18e25b56997dfefd8f88777f7f4aaa717dd287b05744f615100596023137

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4cab04c940f2154070dd849731a94238
SHA1 39fc3c770d87847f2f6556a00fd0d80e77176cf4
SHA256 acf4ab234220d1c69499805cfa10923b98f5e6e74e8e7457355f17d3c7858b01
SHA512 6ad0a4c3d6b8eeb86cd2314356d058167d0c89ea40072f06bf7e368a20ef19217d3ec751beeb7beb3baa67ab1e168f8793fbf17bbf69b8e24c20eae8b2ae1594

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 c9e9e7c575c62582432f0a182dbc3a59
SHA1 759f00b176a11b59af4a4618a0cd992e760e6e9f
SHA256 22806fbcc9e20d0a5fa377b2915e2adaf86e8ed3ab66220f1ad27e00b3107b25
SHA512 e5188285b531bbf830026c776ea115d360c78ac0936b313adeac62d6534094b2ccc5df60f0c98b3f1ef40cabe5f2de87d7a3f626f72be95a813a1aee15837f43

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

MD5 6e9d4518a73cbefbf31f0331e7da9ff6
SHA1 602e6b45a9bdff8abca0cf0f40eeae5946d64826
SHA256 af92df01c9e8e1dbe018edfe3ce3e4b15a6b667c7e938c1f7c45fbd9808aa0dc
SHA512 2b06c6cd7c487da9f7da980eb4ae30ef662fe02cc70c0c2ec0f5c099195d771542f8fa1f9345c22767fc107123a051553c1fc2eed1379ea2b8fbf44c2fd0e63a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 aaba5e872ba07d60f556b78df854279e
SHA1 93d1494959f4027195f527db143e5aa89d60925b
SHA256 0d950d310c06f5df42df4c095f087e9e04f1df621baed053ad73b6c526cdb75c
SHA512 fb9f3fe53d97caf3624a5cfc952daa6fc486e153f9fb33a3456c7f86c655214b520432d150286dbe383bb30fee251f1f63e89e6bb5b45618a541ec03f8a94346

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 bbac7bb99faedea9a0cb17dfcad195af
SHA1 409312e9c3a5eaa03f2c8227a3693e8a6dc850ff
SHA256 b286f84ee8d1ad423d6c6d681d44ec338a542abff016773fd133db9eecbcb3a3
SHA512 727cc47adb0225730fa4dc9b2a791fc9b88660082bc9ab4e2bb65633a666772a75bac12cede3feab5609fcbb3c4807fad4a3b499d5633ab273e625b3650e2e5e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

MD5 8202a1cd02e7d69597995cabbe881a12
SHA1 8858d9d934b7aa9330ee73de6c476acf19929ff6
SHA256 58f381c3a0a0ace6321da22e40bd44a597bd98b9c9390ab9258426b5cf75a7a5
SHA512 97ba9fceab995d4bef706f8deef99e06862999734ebe6a05832c710104479c6337cbf0a76e1c1e0f91566a61334dc100d837dfd049e20da765fe49def684f9c9

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\CAF4703619713E3F18D8A9D5D88D6288_F2DAF19C1F776537105D08FC8D978464

MD5 fcda08b4a1e296713a7d220a620f00e1
SHA1 97f18821f886263c86a504851505d3987974ffb7
SHA256 6fb3c3fdbab0ac6842360e2406254154a5dd032b772bc3345081701617086806
SHA512 3b1141be469d53bf3cfed00ff773a8e7356c50a8b90f52cacd8c022a55e0840c9e294b65146d12151483f82e84fbe2be30f06ff780bdf1da6b728f8956523577

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 42d77476ee2afa8294a8cbedd8fa9458
SHA1 7aac17904d0affb6772facd6a72be3d229b61840
SHA256 3c5c2858e5b72863e5f3477eb6d80d7ad3ee00690a823f4371e496b1f75d1a95
SHA512 04e673496e2e03e2c23999fcbcb13536de4adbc832abfd7f731281f2ad0ae2ba44d5056e387819f3fd314c742793c4689553865b8cd027fbe4b6aeb6207bb1e6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

MD5 7bde92ff965b73dc76190e608c2fbb93
SHA1 95547789d183bbf9ea20ef6ba4c6b2f0249fb30d
SHA256 821420f187b512f853c8b73d9439e940e6e04c499532561343a739717a9a76ee
SHA512 21406b04613e8be9f2036f5057d6d3de568ec1aa4eb6471cd457e70e6ddadfc3b988d5f4c2d316e548b21b2850944a78d75a44ec3bf929e71fe61fb6b0de4ec6

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\7423F88C7F265F0DEFC08EA88C3BDE45_AA1E8580D4EBC816148CE81268683776

MD5 3cf08df9e3eb9b5c27863bc9c4af87db
SHA1 5e023d214f1770aa6981b698dab024b825030e76
SHA256 bdf107484dbd80e1998a81ed4ed21cb6bf507623d1007cbb8b684052dc4f8f6d
SHA512 10504317a3b351cec202a7de636f8877149fd4df03dfbfc94c0022faa7c97d73b64f30980c5b44f3cd05c5fb0d842e50fd6e6390727bfca49a845db8e7658738

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ef48cb974932cc9e6b431384b86501cf
SHA1 2d7da05d928d188510bf77e393d95ef744fc1b12
SHA256 ab36a039e9e9d6ada91876bc7889fcf3108a4bfac7dbf68b7ebe02f765f71cd3
SHA512 de9c4b88d2477a0b27b7f67222ab82f507d3193a776b03286530aceedb42b659a9faee0d5d144a6d0fb4560d5dceb3aa2352d1cbf32173c010d8723193ded309

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\E0F5C59F9FA661F6F4C50B87FEF3A15A

MD5 d4ae187b4574036c2d76b6df8a8c1a30
SHA1 b06f409fa14bab33cbaf4a37811b8740b624d9e5
SHA256 a2ce3a0fa7d2a833d1801e01ec48e35b70d84f3467cc9f8fab370386e13879c7
SHA512 1f44a360e8bb8ada22bc5bfe001f1babb4e72005a46bc2a94c33c4bd149ff256cce6f35d65ca4f7fc2a5b9e15494155449830d2809c8cf218d0b9196ec646b0c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a2dabdb88ad49788736d33eee5e60186
SHA1 ae6a63c513ac44a9ba0478d2c03ad6b73c624caa
SHA256 a7ca99675efcaf2e41988906d3a75f11c91055988822207277a30846255fda57
SHA512 6bae903415deb4dc184e5c5835c4ca82aff3347d563135accb9c129f7d9662d43959c4fec1883f0eeb2b61a1d5293bfa41127f7f58e5397ec0a5b8c52a993efe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 17074472cd974c5811e8c777d69ef7c4
SHA1 56e5187bebba3bc9bd381970a0d16589e8a5b2e0
SHA256 942ac22c022377fd4bb8836e2a337f7991bce7970e2eda8c8123abca52fa5c65
SHA512 dbaee8f51c7ce9a3e508053c9c40b9e51533e581655e13b9fd607092a46b4d38e36b6a451de3cc4317dd5da8bd64c6813fc0af9694b07fe16180695844786162

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 948f88b6cec4884ff947510c3cf4e8a6
SHA1 5742542ea82032a8ca07261f5aee8b1f4fb63e8a
SHA256 6674aeffa0032543038dc4cbb08632a77b2aaebbc37fa201056526e70267cf03
SHA512 f6f1c93b786e94456840f00bbaa5173775c2adeaca41b5a5b9485895d14d63554595530794b9848989abcbf11a965b77fd309546eaa25fec44022998512b40c0

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fecec938bb7b91dde809d9eb14f09952
SHA1 fd7a7a6755c526dc387c1c8733b038f122c7e58e
SHA256 9defece3ba7e5bd660c438116e687098bc27dda1d3f6e794aa75c95865a9c438
SHA512 50ba52d7bedf4d85f97d7cfc95b1bb6ebfe9019cc3ca7e9b965bf914df7f76656085053ab4e73b85ff5846df035211adf43b9f95b9e33e1ebc3aa1f7ae3c9e11

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 1e3b759b2ba7bee4d5e03659ea48bdb8
SHA1 801bd4d64bcf15f0693e24aeee706705947bd70f
SHA256 8b887bd57f87334f84c5dc54d177898e28bb19b3afbe3b4d60df3dd867d0bbb6
SHA512 cd26a2a0aaf0e63504de6bb5673a8fe3dcd0c7690dc157a75061d6410c5b53ff8052576607c2efcb6e443f532ede876be91ef8ad51b30cfb2bb3ec60f21db543

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8a77a3be537cc75391f501a8ea5f909b
SHA1 e87c487efaaebf2acf818d81437860bb6f605ec6
SHA256 9b02397e75c0add1d12f58af25be8b98b2bcf140caf30fee29c81aa1488b7c2a
SHA512 7a9d7c0b4341c7ce4f3cc07c55c936f91d17ca994a5265a9a76942479a9775d45ecbe5d627bc9399517a4b9786b1d6adcd3f2f73682675746ee6aa785976a38a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 4a7c76e4d7ae510e4618751700d78ad9
SHA1 8e0ee6ee69a069e19f2d282ef8987c0092585fb8
SHA256 dcd8ddab416d61219571c3b0f1f06650e391707d7eb432d39eb314513043ba58
SHA512 b26f6e014daf5d738e6a7d2bceafef854022e27e3d0e9ca13485e514e5ab35e9eeccc89c0f5ef322eac63eed30d59eabd1a4eed7eb2b59cb30cc988224ac5b20

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 491d4de29dd9a3acb1fda8a08000ce38
SHA1 1412d2558c0ce30c4bde8086b7bb9fb81fd6f1f4
SHA256 6ce8f481e04b9e1311d30c6e9357f4590543b9198242c6fdd8a2ec49e1137509
SHA512 715b27fcdf4ca3e389fa40d2efdb0daf03dd54fcd89b3d38aa1ce0bd00b27564a425c1dfbd582b9d7d7897994c21820a0ca68bfe076c4bbf0c38f33cf558a310

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 eb765f31365ab1a9b4e1d4b72121d6af
SHA1 1ebc9467683dd335cbf9cca2d227aa20fc46d6e8
SHA256 2a94b27d37d4624def1471933ebd52d6bf2e0517a37ff6fc312ff0d77148d0d1
SHA512 8763e754c00ab5126849eb7e1aba8ccdc6c1805d236f753deb1e130934b4f3dc3d72c00154e7ff7ab79915e60d3c8b351555466b09c65a8b535ef54233c7635b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d4b31a090aa5703f227be3d5e543ee9b
SHA1 3327fdf900bcba828628e6282fc094754afa8668
SHA256 1c73b213eb6d1560ffae390aa21787ebd89ef74d73cdec9af25fb92e42421e83
SHA512 73cd7c73cdce3c7e8765f63da4921e6c4c2ddd0d1b954e91ad12f3639274b98616ccc62c48962df4d343e207e7ed44880fb9143cf4106fc92ff236e4762db904

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 8266f5fd54efa08181bf931f7526115b
SHA1 7cd433dbc5d52fe2dba54cc35995b172f26809fb
SHA256 1d19b58ecd1c19bc489788f96d49fcf736e51fa7050800a5197611079f49de82
SHA512 d49ed1e7db93f4e5f6155570d52c5a1f74cb83c7b55e94756b1331a0ad8067ab58ace60e670723d8ff640fde046c85fa5070399198a3b795e37a2d9d70b69402

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bc7c82ffdd53122e0d655b973a0a8d9f
SHA1 d6bcc02e5aa5edcc61464e0741b1a264cef76ad4
SHA256 5f2372d0aabfbfe4f7ddfe22b6775b7edef2a30e8a546f7ab64632e535d24776
SHA512 46c276886a0346d704198c2913052f4955525ef4ca367566b75775718c02cf834052e5b71fcbdf6c21fe492a491d731db03f7228464d898a925ea05bf35d6674

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fb6ffc537a6742078d236c742a506b3c
SHA1 7afd89b64c7352eea3abb9d564d70ca14437f574
SHA256 54c72fd1cf86159b7c273c36eaba13dadca64540529fd3a592d246971882f2d8
SHA512 438e27b88301fcb9b021488dc50259f76fa966110072a51abc74e5f2a2d2c719ec031dd5e3b37c689a990b1a858d122376128268b0b1e1f88dad41c1e8e79009

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 091fe2ba2585e2d85ad2b09ee5b4afa5
SHA1 e0ceccc560cb9f114b46f39dd3bb14f92a3138f4
SHA256 920f52e0729ec5bb8f395b0ba91f04baa9eaccc7985fff5036b73df86fd79b43
SHA512 8a9fc08dcb41d02a08c279a9ee193af84a5b9813ee130e2c6abf6775f39eb94b58578b217f7918f021671864bb142a207f0956c8dff257c7dbd42d3ffecf3e3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7f8b32449c0854e0205788ecdc69b7c7
SHA1 6592235d9253188846aaab37b76b8cb08a41347f
SHA256 4ed37f43827f42ec39883caf8e57ba7e5d3e84aec7471fd4c5af63e93ebdcb3a
SHA512 b0870dd252425611dd5f420c8cb734556de379ecc26045325d08daf7eeb7f7ddf6fae2375a9543e70e6b1b47f4476296a142c5edbc71293ba07b1c0bf4f49758

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 656a84b9a59cc072f52ff190e3d89ad9
SHA1 1c40b8731486eeaa263e7171a30c95da598bad37
SHA256 5399da6c983cf8651442d183c6ee536f49ad5770d43f5c1dd4e7a06502657253
SHA512 e9bead542868d46f453607ff07777aaa9d4f17baad2d289f2552ae58d518d9d38cb43b283ddbec3838fbdd2ef4049d2eef3d0b4e049e9a7241102c861da4c553

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 14a8eca81ada56dbcf302f5af977350c
SHA1 08d860b5abb3426ed7868eb244a31e344938e4ad
SHA256 7522f4963428a15ccee9423802e2e1062faeebb638c3c206502f30308183e2ef
SHA512 661be8a031c5a044ab0480d41a4a33bf50f75b24599f5067faff7d63649cce7ab31b887760e7aa0dceeb69ad4292ab7444ee1fe227f845c973992f81761510fe

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5b50fc75b91f5475e7310b0fb7af85c0
SHA1 06ab55a11ae44f0ef5329d57831bd6ad47336d08
SHA256 3a8266b5e2c31743a11d32a8d3b13b80da6e38501a0da490ecfcfa424764fbeb
SHA512 0ba1ea07abd32fed0e18dfe8a5d514d1f0b0d7a41360ddd96158cd7aa41018464b2f12cf212c4efa6b91c4bba497f635aadb14ba42321f9ed675f587670d6c27

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 99a1ff63c146bff1429b2ab47a0e63c4
SHA1 fbaf0a20d08174778effcdb4d38f7f8e56ae93f2
SHA256 079f1c3939347609c484822f826d0f926b241b5862933674d07840b740c324f5
SHA512 a6252a91eb2ee97f504d7d15eadbe2cb6a69126ab5ff11a4535dc8d061f345123ef29a368590452dd5906cb45dc7e69911cd9018742aace16225779a9a5078c1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9d4d6fbec58dd9e8d34f1938c5ba7ee0
SHA1 0ff9fb55496cec41e342e8a66e7485cac7e4af41
SHA256 a16161fe27565600174639a4d6bc465af370a70b3ab389305c21f4991645fded
SHA512 31e4bff48a07600806ee9abddb66d8116d6d6bd722333e9a795d3f39bbdef29d0c348b569d802601fb80ac6485758d9b8d0473c7fce5695bfff564336f634512

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c88ac534b54856a228fc9cd914a7375a
SHA1 a3cdc4502ea854c87ca520b26d817b8a47dc5f08
SHA256 1f91e6a72fa3b9b25c1015673615744d32a9fe8c431f466692b9bbcfaa847ce7
SHA512 514ae30c7667f1165d2eb48608aa3211399697a10dabed7a762cf1cc1891588ddcedaa401fc0d112ce607beb82562f002e802cec25c2c345132476c98432076d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 eb45266e9b27ea112a549c0116b58554
SHA1 55e293ec1108e7a7c09bd9e7d26d89ea7225f098
SHA256 fbc7fff22b87f6a50e64868f2af9b6a415f2e49b21c12548384dcf93541a1b4d
SHA512 f811382f905bb8bbdfab4cc9925aeafd9291aa6536eb76cc97463292690e43f1a3e94975daec677ca266048a059e9eae7cab76753276922b1b1551aef24ad52b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bfdff89a8ffe0fb635fdf2a14a2c0cf7
SHA1 531ea54d735f917fb1248ee3728dfd2afc7ec0c3
SHA256 5aafa774f780aeda6f1a3d2664478fabf3dff64f32d1716fcc932ceb37593510
SHA512 cbb11883ba8e695bbbb58ee6f2d1a2881ef75bebfbffbbf08989a997881bca8028b3de37e1dd13314b5ac44f943a3b700c04e14b71930e52be5fb3480a1c0853

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a3000c158b2cd446bc0c6fa702271fcc
SHA1 ae465c7db93a36144f7dbfb9e7bb897dc448430b
SHA256 0cb08d25324bf7eadf45a047306bae6e2346641bcdbcc720d49160b02b5bb155
SHA512 99f134717d8617d98fead813ece43c24bd68c01915707128a2bed8686acf59be30a7a0962bdab73ce1cf5f222bb39199766194f696e483740944684e768cffbb

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 5b89232b2ebd8ec2ca8a17a54f480c2b
SHA1 d69b11bee2291d35b8fa8aa5f13caab4284e1dfa
SHA256 2cec0fc9887c8edb793030e5eaf25d53b39d6204bc3264692d55bc32dee43473
SHA512 c43600188337d2e6b1507a200db8197b8bab7bdeb276d146d2de0d7f9d6ce69d4f49bb64d172368ebad093194dacbf24ea348c27770fa07c4c6e3fbf7f97d677

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1bffcce13ea1bcfa96b6bc812df0d6af
SHA1 afb9e468111086f181dba40f8eff9bdafba20473
SHA256 8ef5c2c4bc2e9aa8372b4a2ed7fc1fc92b993499cfd73dfa85182e7dee19f245
SHA512 e6b44ef8c18416dbb3e8b9181db2db8d7e383b7b69d9ab526d97319eba6e7da396aca90206ab32384096a05eed7311df2bc4f3cee4d7c8c4f17025be718d491e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 257414b4dd458b44ea7f9a1969a96397
SHA1 5d6f723f5c2c5dbcbf8e71c2335a6fabcb5bbd9d
SHA256 f9ec665921fc9040c9800c23913910be2bc015cf70747726b7c9551f7c3326cf
SHA512 9b07b8152c98f71a859fb4f738d8a1cc7549fa2cacbf2b59ac4a80259b62dbcd14beef3d7a244e214f35ff7febacd99239d622795cdc32e144c959a20174f9fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 5c5884ca0d0e69b4e4eedf0bb2f9d52a
SHA1 b6a522b2713d2825da79739d99c6cab6c4fc996b
SHA256 d2cf1bb4cd9e8a2fa8f82528a838e4b75910790cf79d9d9c01c7b0910616f7ba
SHA512 19136345637f7e1b73507cfb2726eddb4b2925e762d38c5ab24ec3ad70bfb2b2e673642783dc9d45e41b8db92d547c348bf1291e9a497265732c0376504a1089

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 887c56326b100d4075423b6e05f30bda
SHA1 a8788df9574f594502b6634b868f195a821f889f
SHA256 97a187175932008f1d11f4ba824d6b7ee236eb20ab2c88c23e884f02cdb9d8d8
SHA512 5f271d23c0d81696bcf6778f0523677000f55561925915805179c026f85cddac99cedba71ea0ec883211e3547d4b73949afa160b4851bb28b0d6e5022a24871d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 aba27a799cc20d3a83eb7ff4be7ee5d1
SHA1 991236ce3314435432506694afc7f4ce87459f95
SHA256 fc30ad33d5f61c6fd89b1a77fdd9e65798e9d2b8c9e21f36bd29be13165a5de7
SHA512 527f520fa932981c984d541ea3448c5226a604797872c69384c2bf2ff8098bdc9e0502c44d2f8285166b88eec838b3aa205bb9e9df8c89052a87f44ac71705ea

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b0d351d6e9ef904f0cbdaa3f1768e9b9
SHA1 9190fc37d3dad8a00c70fff2be4978e30c30b5cb
SHA256 450aa794e4d209627e8e7872e896ed30a32c94977334969ca8983dab061e0cb9
SHA512 6329c8f5dabf477d8adf0a076250d5c95db7f8fbd72a22ccc8f462efb29b5037317a89c9d3eda779e3b46e1bdbc86e3cbcab94a6a0ca197febe411aad5f9bd38

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fb435976fbe68b8a0448ce4822a0747e
SHA1 427521810efeb890cb0df9716d742021051791db
SHA256 28e46187dc48e589a2317d0157fe1d4cde503e40d541a6a09660b5791769e1a1
SHA512 98b6fde16c0f1e02a4106cdae65d42bc78bc2c6d81146640407722cd996ee3687e8bdee6ac565cf2a804435d0246288b4db1ee10b0b5252a50b945c9acbe8c1e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 bf049180df341498b8a40afccb4b4a92
SHA1 51cfbd37d49136b7f811bc25765ae32fa77c2ae0
SHA256 3007ccf9dc01219eae1ad7acd3cd8ec62570b9d0361023a19b49bc46ce5885e2
SHA512 daeef245637104de6027d3609e108d3c0d855d6eb479eb23e0378d8a1349ba494af5892f1626f0db51c421ec623e17559ac2d720292b292281615fbc639426c1

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 6eb499cfce6eba37cb6b4cc32aa2a9bf
SHA1 5f149beef683028e9e583848038483b928705d6f
SHA256 4faf5885036cd65561a957d29dd19e24ebc242f4908f2251f0ef314cba263247
SHA512 9923ea25eca7a76c3b373a0ef98548a50819de2fa3b9d6ed6075cbcc40eaaa7e4f9b23b971c76081cbf32fa00cc535058687e60bbdb4c961545710c4767644d4

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 728ef3e9925168f0f600cd33c0d2748f
SHA1 a062299b1838f2805e63f263b224bcdd4085876a
SHA256 e71e05b2b230a4bb6aaf49e6f3b0433f824b137113b00706cc53b63bea2afcd6
SHA512 ad270f12e13f264d8a29e1899cc0294519152ae1074049d98b71d9e1ae8d54ce801e403a0fb4e9a7b331a73e5415ab439e694c9d652adae054c68c3f42c6f367

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 58b71161ef180cf469ad1e35dd8759b8
SHA1 8566c9e19716818be8192d9935f86548fe123bb9
SHA256 be0b6504e29b9e72d423926a241efd701414159346ab4b56b1a5239aec4eb79e
SHA512 f69b9695ea648f74580a9af3594bab14b2a4c987678a61e39f61f745adfb86ff04300b14aa09b1bd4bec69a389e6e944490dd857fef55e60a6c7d4007961b575

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c47bfda01fe84e76deb1a955f2422d6c
SHA1 6de247fa881e5795dcd21059e483c3d6a487ee2b
SHA256 95498e4ee63ed73d4278b591caaaf3c54fb47bddad7cffad5ef893f437eb5a3c
SHA512 3a022589a824e34f6acea62320e6ce1d77b777ec7170d118504cbe60a375f6cbb31ba60a42777059b8dbed62c3a24c2f158cffd416b7850d4f29afba613965ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a4856cc092e2d4dbe636449159971004
SHA1 137692e826399a9304106bebe05d1da3a3e2175f
SHA256 efa8053aae7f98e30aee8d5a9f9894141363dabd6cbcbe26d2f92dc3c60db0e5
SHA512 eaa78b7c455c13cc298e5dbfb3c5391371c6f2806bbd1a824bd91730ebb1f6088b2e844c970861f4a6b697df4ed9ea75bfa722521df6ecebea2e7c6a1f4a1311

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4cd65b1abf40b17d7df64f8b6a2642cf
SHA1 67ef928dc551765827db765828231892be204442
SHA256 7aaa42e46c4cb982848a15cf1570a15002f233801ad1fa05804ce58ba944ae5a
SHA512 4ea402ba6f0abce8f1ce3688af1e2e6fda3a21ff8fbe46c9389e53afe115dd3524d98c19251a51bd4651280b1b3ba4fba005777868eb1e96b487287fb54f2166

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 6e89dd1558dc72fd504ac4688c22caac
SHA1 1779dabae5ca284fb7542f8de06f09931745a090
SHA256 1beac94fdbfb65d1b6b46a0bad9e303c52ce28c3b8ffae8e68845a75cb9e03b4
SHA512 114f42afbb4398cd6b2688b98ae3a5a491bc64ebe0e9e10f9e266d966df115ea4f2989cadf45c2e9bc789d6406302983d1fa197f246ab2c080f387f646c13bf2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e5c25adbfc2c4f2755045a340a2ce6e
SHA1 19d56da07b9ef2d30be77a8d87564f5bc4ae2c7f
SHA256 d76ae9ce5c7c7e3e52b5c0b3890683770865c3eeb72e11bac70a9663d6a798d6
SHA512 af080a13e51fee0996589e2eaa17dedd921910025d19e8e2b21ac19f23d184d0bc5340f93f32d726a4150911ebbc0af08ff32bc29e42f792df69554613d9faba

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 c932cd237abffe0a62a3af679dac98c6
SHA1 ea5d3ef4f6bbe64d96b588b989488c16e302e44f
SHA256 81a559abfc951c6e083672e41cc782a13a853b9e9a535d12c1ff306aab944ed9
SHA512 3d4ac44a0c1fb090f3e2f110ad2c983cb889ef621e301310768197d52254be77b127187fdd54cbde874a24f7af483d019c26592ec3db173c9a0bfe0f3cce3320

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 afacf598a0fb19d921c9f33a0dd32186
SHA1 200b0c46f3ccde4a1c3df86f4e3a727dfb4002c2
SHA256 30a8f210761f6ba6ad098eac18871d367684b5333b9e255c98235d913e036002
SHA512 68f067dc0358f17be7ac0f06af83e8b8bbd371f92c2c7caa87b177f36de4a82338f6b0114be9c58e293eab4da6a65a669c62ad4cf7ed0142b05613e89a59dc33

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9183e2dc12e4f3565b0d539d49a61a20
SHA1 4e9aeca4055fd77aab465172008a3be639ee34ef
SHA256 d0e5012c7f4469233ea29c6e1279e95f00c346d27732dcfc6fe889be8769c872
SHA512 ab78bdd10b09e433fdce45292d16a95593bf3e3d4cef9b6ac499296f922e73937460e52c8efefed531c8910e42f7c3ff37c1c3dab8cb3a76bfaf3c0c5a8d6e66

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 2504e68b2a6f1a9af76858e4602be82d
SHA1 f076472312983c806bed4f9f6ff7d0cd0f8f738e
SHA256 d91e4c3df3dfe9dd5a4953df4eb5252bf02b51adaa74de15711e54be6fbc7e7a
SHA512 c5776b6f56204ac0244ee33c290c803cf79b6396b051fdcb37215e7a620620734021289be0aa02472f117561a86256a64142d11a1b5582149037e89e2c3ef872

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0f660c8be1990629efca30ed20208b58
SHA1 247676d184729351167752241e45a54b6347a225
SHA256 f97159067c41eb35944919c1d98a12a0a3f177a2854cae724fdc7eb3430e854f
SHA512 59866289d9b44037a99425832f592d96e88d59ddcdd4bb2b19261e0d836cb45626f197f385af6c038d4ee2db4f1a44a364b70d45f98ab53b8733d00c2a85471e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f6e288e7efe33ea13f203ea48195a667
SHA1 402cd0146e779659782ae460d7cc940528f6d502
SHA256 ae38e3c045af1137074d71797ce1aa34b0e034b4fd187c2b523e86699bd41021
SHA512 8a4400dcbad0b5f8b5d1d4d9badb5786df04f03b448a115e650a6d000b853bd4762c191cea1e85f4e7e40f984598b79bfa220183fc1a1d04415a6c6de4c6a665

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ecd01702ed3a663c93a7c6bdaef7f3b1
SHA1 db9945fa14c1f9c87318b3ad23a2fe25d2121a42
SHA256 95825c0f3b07105689ac60c8d5a960dd66236b6144646d0f24cf21bd9ec591ce
SHA512 adcf492a34e4182e38f8a25616a159907a52e669c7ae43afd63b7a5ecace9135278327cca0265a7784d990fc2dfe0a36cb5da35f7b69e73370cc5660f4ff5b72

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 ba688968d4736d6e8c7ade0930d2c4a2
SHA1 18f18218b57b5b938e0a1d53a79501169f137a89
SHA256 427c43e653d4e20e0e9869290dea8390dde41ead98230c55a72471f65845a4d3
SHA512 c0b605b03e70a45e9e4bf0e7f00a7058c30523d3da464c58f46301aa1c7f2367a1d57627f5906a6cb0c4d7a21844552b678717e65112e13e734d16e6533dc755

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e31f1ad7debf8dfc2f494aa87a0f6623
SHA1 bd7bc73a45f6266d3a1efe12cfa4963ec3045198
SHA256 c5fa374f1621e6e69b670ab3f98c9940d8a11df94acefb6250ae08a7811303a7
SHA512 c0e1e8198f4dc765bc984747b163d89f84adeacd197f91caf16ad1c07d9e30d770c538ea6734e74a63498130625c342ed85c2e4b534311f270e6ba112a770a62

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 7e250f80e01bf5deec06040f231702ed
SHA1 2f857e0adb4d0aca18d36a25c0c6973b812c3581
SHA256 437090a66f0ed78d991c9948b58de7569b473a42deb71937ca94ef1a3b3bb938
SHA512 20b0864872608a4326c12bbae3561e8c589ecbb6e35ec805dabee4619b54b4bb7ec69c50af59c360232b0bfb8ba6056abe40cc4b615c3ceafadcdcd0aa36ad10

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 dc240f187d35ed63cf7eca7c5e739000
SHA1 fccaf5341d45f4a5a7ca82d1946143f3d9e8e4a0
SHA256 2f682d33766f26655f2d17fcb55c303219874b63b787163dfc32d0d9db767f0c
SHA512 da7a59de4c43e96d4de8a76a194632d70409990b03ad0276adbf6eae3c269e39b304b23ae5359f9094cca6103cbf1751eb677d0af7377ea4c998e325baa712da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9fca25b9abaf6eb2c3f5af84648381b8
SHA1 9ad9a091ce72ac602e6f10eccbf5605a39fcca50
SHA256 328c28d3764a95815c6d617706a271d02e9d4bbf21daa19896eff8dc78afd682
SHA512 86657466907518ce8a1e9b2bccde5e324a191b2a3c52840799c7b58b5b27997c615a481abe273b23ac2fcbaec72e47c494cbb360546b992d7d9ac1f4fbf3bc8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\d6e86150-b714-47cf-834a-84e148c5a4cf.tmp

MD5 2b8bd54c3cf1db2c36093d8c6b044b1c
SHA1 60284878d30b45a9c38f1bf0019f910d9387eea0
SHA256 0474060c03e51ca51bbe27142e05ddd0ffe2c82fbbdd44dfc15b50e40e12d2f4
SHA512 3050bfab1dedc62eb2a1b30502a71e0ed5770b1e378111a148133826d0eb63d0deb0beab4fe6e6c1dcf135ebdce9026c863f5a879105403d14bddd4107cacbc3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5698c30dba1ae25aff75de30ddb2b8eb
SHA1 ee2ad285db06be31e763eb34a70222ddfecebef7
SHA256 c352534f32303d583dcdb590a8b62c41506e8c476c3f139a6cfd3f6264c8dfb6
SHA512 dc71b78e05ce6347824d2a7beea092faf37781fdd547da2cb8be67c6e70353b0f99008dffc8b2e01fcaf16dae444e465f7c955004a9e56beaef85cc576dbc235

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 656fbe47f6f6242798b0329f65c590d7
SHA1 2fbf3474358b415cb10c58fdbf4bb88217b57e73
SHA256 e3d7e1b0aa33d414226a835d1f0131f25c2d91bfaec49a48819063181b8b41d4
SHA512 e37561fabbc85729eed26f68cee76413d7dca3f0d8da3dd0f31d3d528a93872c260214952ef257f30816f8aad556eff02f6ee1fea5cc0cbdd238e9d5bfa2cdbe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 49302196ff3dd6c80e02719ecd18855e
SHA1 1376385080f0c83c347622a0f69147f89e5c21fc
SHA256 97bd82613b4f2e1bdd442a9f95f5ec9a942f81556950e664a73db13c0fdd3e37
SHA512 fc9acf32cfe914886ff580019448a4d7429ff45cb8f846a366ed1bd8b1710dc2774d67d4420927f220905da142191082417014f68885befb791134d1b54c1da8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b48ebc723e0898660b0bde14063c2db5
SHA1 154ac1a1312e23addddd5d3ec489c7f8463301ed
SHA256 8c4e25f5ac980320e2fa883a654fe252cded573d52d01df383e14fde3b7b6789
SHA512 87938e3f9142be8eb86cf0211ab22c01c52f96612aafecb51b56b8ec08e8ca8dd22570315b635a29b336d6d76486739c68fc505e9784f8682fafd61bfc2bf9e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 8ec8cdc5a0b732ac8ab41829cf6117ce
SHA1 8b90c74620226138ba4b7b7d3c6f38156e9d7269
SHA256 6516a53dfc411caf15bba69072d958b5c439a794529133ba1c2923f3d619ca32
SHA512 0b33a77fe6e380045884450b14f4f1cb8e7d8cc826adeb57cc1b916d3e6886dab178b09bcb12f5779f6ef74e7ae5433f8c751c1f04df21112e39a002e4daacab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c7da0727039e57fd4154cc6ffa4b00ae
SHA1 63d1d65ed442625fd5a54d29cb18ef65cc89b365
SHA256 ae2ed4cc9ebb10ce00261d482bf363790e825e14c67a03b1cd17bee811fcbf0e
SHA512 ed18b28c30ae4e026f373e0266637147f92597d1c52502571890819fb0a57bc6bc36f905a0aa4c2b8dcf7672a7763d83469486945be8080c7ea9c109b9d30d66

C:\Users\Admin\Downloads\Idiot.zip

MD5 d65cd3364f1054d810315c51eedd837d
SHA1 bae2aaa5d0a5a34f7d58bacc4e0eb9add69dcef1
SHA256 ac2aef094f56ac3356cfdc41f722a055255c16f5908fbfc38f5b8f8a3b091812
SHA512 696c52452e4099c2259d7bc4acee39335fcf386f6acbf17fe638cd3caa7a12231ed1fe907c97ec9570917ed729a85d381c6a936cfd71d86bafd290482f5e97c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9c01c66a907dda7f2597aa39e355bafb
SHA1 b9c72eb8c35a35f082380358ec03c457cc66c1d2
SHA256 8caea18a342e885c5b0a5a08007e1e48e5a0b346b79f7278e33e9b66beeb965b
SHA512 efcbefed3b1ba21845349900078d97d38ae5805a6233b99ca8cd3b990d9defce2ca38a060c36cf6c3268be97dece86bdaae432883d9ec769543435983fbddaf2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f55aeb36f938c95ffaebc3255202bfb0
SHA1 ec823aa0142f2c62333021b28e6d55f386446e44
SHA256 a49631d906f44a7536a5f0bd864a146f80e5242ce18fbe6fab8ed805a85ab778
SHA512 d7a7a8ea756e16a2d6d7e508726540810bc73faeb3cb01af662c934f0be638ca19e45152e55fbefa9cd0a5ee1e5b32f7377438ee4b6a4041fdcd28d5a0b74293

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3430e10b322435cfbbc9b300eed1c92f
SHA1 4adadba0cb9aa2e6a9534d88fc2a39ebbdbdbf80
SHA256 054c0e96e5f504e52aab955b0360f717ee37c9df75f4be04f9f5572a36ea8860
SHA512 122fb086cf75ffd89b9efa78995112938b97ae66311a74a0a7fee4a7a78ae08ffb6a416d44f9aa5b40f362bd94accb4aea0e2865bb56ee34e5e1a137d8f35159

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 e45f74632d18f5a4d1b9c2d4c895f9ee
SHA1 47d5d2d9594070439ddec248e7d7c2ea15effed1
SHA256 aad07c6f7d7d1add617b214467017b5410c3ac3591ac4e5cc20df695b022d19b
SHA512 e2c58bf076ab79882ebd48948ac01ee8d922065282eecd240e3d6789375ff43e7e9b03a2683052c3a51b99bc1a4ae98a45178d53f3e160f24c6c992baa7f17ed

memory/3516-9941-0x00000000011B0000-0x0000000001222000-memory.dmp

memory/3516-9942-0x0000000074410000-0x0000000074AFE000-memory.dmp

memory/3516-9943-0x0000000004910000-0x0000000004950000-memory.dmp

memory/3516-9944-0x0000000074410000-0x0000000074AFE000-memory.dmp

memory/3260-9946-0x00000000743D0000-0x0000000074ABE000-memory.dmp

memory/3260-9945-0x0000000000B50000-0x0000000000BC2000-memory.dmp

memory/3260-9947-0x0000000000520000-0x0000000000560000-memory.dmp

memory/3260-9948-0x00000000743D0000-0x0000000074ABE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\e5a587f9-dbfb-42df-a246-00c3c1182dda.tmp

MD5 dcdd799af01d5c9f210eb6808a84faf3
SHA1 681a759adcc66b4ea5001a89c44eca1a148d2791
SHA256 e5c3ea5b91f506076ac05b1fedff6a9c8bf9f0850dd78d387bee6c9fc3e6eefe
SHA512 fe0470b044c5ff9b9fdfc9d6177de2ac537297b0bb6b74be2e7f66875a9a9fb5f47fcff212e3b38ac78934ac99c047b1469a853c996a6ec6fcdf32950568b805

memory/4020-9957-0x00000000012C0000-0x0000000001332000-memory.dmp

memory/4020-9956-0x0000000074410000-0x0000000074AFE000-memory.dmp

memory/4020-9959-0x0000000000550000-0x0000000000590000-memory.dmp

memory/4020-9958-0x0000000000540000-0x000000000054A000-memory.dmp

memory/4020-9960-0x0000000000550000-0x0000000000590000-memory.dmp

memory/4020-9961-0x0000000074410000-0x0000000074AFE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9a7c17051bc01cce5b3e9b111c778984
SHA1 23bf77b5b0fe5f8128eee6c54fbd313f41339dfc
SHA256 6601d232908e6d666a0bb19c47503da9f6530e07278740e863f56619d91bfcc6
SHA512 c113c8ad454a49b363772d7350ea4ae62e67c164297036d33d8e52caa3ea967b21145009b40db4b950fc5cfcca8bf10737d926d000b94435a73bdd3e6ec0310e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0efabd12-0437-454f-bf12-3f2b6d2b7f9b.tmp

MD5 82faedfe798a1e8b603ebe8710c39e5e
SHA1 7e1de82a46c189aa49e5cacb80c661ed2ebb71dd
SHA256 78abda3d176fa2ac10a9cff0d624fbc857881d095cf33cb4e437b0f7aeea2a14
SHA512 72bfd1502d4f3bcbcc8b676b7bdfe06fcce63fa9a8a1b7cd58a198262f3a9ddaaa42da1de7213c18c457b5a49f2c6aa8108ff061d9f167c5ef80227cf25e90c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7cf301c3749aafa470ac76b9b3b26ba6
SHA1 762a0572865d00fecd44b3f93929d30c7536bf00
SHA256 429f7706b53e96becae35063d8b9e9118ed19e8621ebda3528e2a3e0c48aa344
SHA512 95305dc4d21ea4ea4e26c2bbb5989dc1b7fffc4d49a2efa5c30d11ace2135c9f2515a474c98f4fdbdeba7a9da5b6d8837e09acefad1bb0d0fefb0088b281d3b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 abfcb7f8e050a8b4ccdc8dc1551f0a9b
SHA1 8da7871a46555ed1e5b1fd736aca6d6281fd179e
SHA256 c9af17d6f31eb2dc212fd96557575c9dad96bdb52f689c5b66d5b39814ad15a0
SHA512 654a36fa14fed8e766107a533fdc449fc3a4fe2a1530e930e04f621c3208089a0515a462382e31fac2d0992fa53ecf5bc5b32bcc14c8c166672663b64f6fdbe1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 1f99b70864931b4c1966caf660f77301
SHA1 33fde7c1553982522134cb3f39ae29c3734d5a2d
SHA256 6e728d91309db0de9f90c693a8bc9bcb6a196742bcbbb2523e1d2c48956d7209
SHA512 cbe59d59104070e7ceb5fbe01ad3519031f482fa45184b760fbf1eb5306f38af6fdb49ece3149910ddcfdae6e1470fec70439d985c90404731f601a6b7828a37

memory/1780-10215-0x00000000743D0000-0x0000000074ABE000-memory.dmp

memory/1780-10216-0x0000000000C70000-0x0000000000CE2000-memory.dmp

memory/1780-10217-0x0000000000B50000-0x0000000000B90000-memory.dmp

memory/1780-10218-0x00000000002A0000-0x00000000002AA000-memory.dmp

memory/1780-10219-0x0000000000B50000-0x0000000000B90000-memory.dmp

memory/1780-10227-0x00000000743D0000-0x0000000074ABE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5ce2df6ee61d4b889fdb9710b326fc5a
SHA1 96b48ddda6d3c10620aa218da4e63192338b25f3
SHA256 b68f85e2bf7b5421d1bd7638b240e3dddea95108031f07e3af82ccce796fc367
SHA512 4aac73fc53108a0032922448b3ef2048c10245553b13360a38fe1db46a01d81717fc0699d3e6db5aa8512c6b7a3ea581ec8a8749a0b3a0e89fabf248c61bd6d4

C:\Program Files\Google\Chrome\Application\Dictionaries\en-US-10-1.bdic

MD5 d83f5de2a44690b838848a23ac690d11
SHA1 e6714015b471d187ef9bbaff5e2bcae73279f072
SHA256 2daf82f3f9aaf6fe15dd35b7bc4409107b9a6bd6a961574f2e9a65698cbc902b
SHA512 d4766862dceb599816754374dbd37584f986d34adaa49cb7fd85907dd9d118a4caff22c4e6300100d86a785f169d03229b7cf013745bbcbcf076f479a33c582b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\001b1e5f-078b-46d5-ae23-35d42937d5e2.tmp

MD5 598ea11772dd3f5a3931b7c0ad84b0a1
SHA1 4ee140a8697c191fb22e9260293ab21f7e136598
SHA256 0e4f9f010116f401966d95913d2f4dd4ffa873d486d6aaf129551662d7f08a83
SHA512 8022bbba330cc5a60e868e82f863b721c0f7cae70d9a6c300c022ad6364a0ed7f48998e26d031b695e62c5932d60f1d621abcbde0b12e44cedd63e2ec8381b97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2b8ff11d96d9304f912aa76f40d182de
SHA1 728b17ca5d6965546b0fe6617066b8757a9d1bd8
SHA256 dfa59f8c6c18d3a1b7457820b306cd6b46fad08fb97f3f6ef04bfa5978ce6e2c
SHA512 f97e5ede9038bc187fce28f88801e5932daa984ca692bbac176ff886e15c4485fa376f961f0e1164f6b52c7412835173507f82cb4a597e0a3f8d876590d8e6b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\c24c710d-34ee-4af7-9070-0c9d4771e13d.tmp

MD5 91fc09b973f9a041baee102b734f6287
SHA1 66f11ac3a076eb9a99b6a902eac0aff7baca0e0c
SHA256 a56738e6840432269446dc5673b1d8cd360ca4ceae93d40cf976803ba03f41ac
SHA512 5c306e05f25f2bb2e2429977a4f2cf5feccc05104d8fd3a6967291f055e29e5c737f840620117fa4c9e16a80fb1c860604084fea424bac9e1708856fdd1f3894

memory/3724-10364-0x00000000036B0000-0x00000000036B1000-memory.dmp

memory/3724-10365-0x00000000036C0000-0x00000000036D0000-memory.dmp

memory/3724-10366-0x00000000036B0000-0x00000000036B1000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 6992aa2d747756123be1c5b182f9ddec
SHA1 ca793310391afb6484938a731839ef59a13ded93
SHA256 89563071fb7bb4205206469f561504c6b36e764dd658eaaf8d02c0901d7dee26
SHA512 022312f898dbc857d3d9bcfec3b8661e61e46bce311ea4b885b30527c05b739fdc1b3c0a0bab6f6fc0b0d972f1dc03a7ed1027b7bf649bc6b46d7a73ccd4e864

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp

MD5 979c29c2917bed63ccf520ece1d18cda
SHA1 65cd81cdce0be04c74222b54d0881d3fdfe4736c
SHA256 b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53
SHA512 e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000010.dbtmp

MD5 60e3f691077715586b918375dd23c6b0
SHA1 476d3eab15649c40c6aebfb6ac2366db50283d1b
SHA256 e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee
SHA512 d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ce9183f0ff13fe3431c0258b06782d0
SHA1 4e9e8d98ec4a1106bb6724051304a3616cc94388
SHA256 af40fca0203db9ce726e5f34b02d304102555d9e8e3c4c5b209acddd6393ca68
SHA512 bc1c74360611f299c414a6b53eb4a02c43b3722f7fa130d7ab359f9cbe045916d1593b473d97846bf7fbad2f2c0d6e800878289c46ab9c77aada8965fc9ad9cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b03409651c10ffc6ea5a65bf68217e7c
SHA1 b74866cbf8689eadb3d738d338738ff1041b6eba
SHA256 2c3cd40261c2b8d9151a3d62e729e5fccdef5b87fe7f1edf8dcd89f811dfd050
SHA512 d118a01d36a727433da3b257a50566b7e8bbced588314faf9ddb7691f4ec828ca98c9b2b5279921e20e3d3216193d779c8e5d0bf049c50a73ac5c2e87c4c4cd4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ef57ef4d-124a-4889-adf8-00495758bb59.tmp

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b5015ed12a23dd243cee524b1e829c16
SHA1 f33c68e2c096c2b156757ff6581f9c4445ce91f3
SHA256 30efa4d709e3e6238ca966e8d29649900e58aaec1a0f716fefef27063ec7c69c
SHA512 a6b59ec2bf842191347d47b9db52aabee2cc533d98ae6f20a166354b2952939b1bcda5145d547f85adc79e1b6d06673888cf2d188aa0039d5e114ada55e1c8a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0810846ed92a5a67bc1699f331c72a47
SHA1 0f8bdc27c55dd09e3a065f78bcead118424f3836
SHA256 48cf9b45ae2fa99df8d272c0f9a5d26eaf4e6841b88e720c713afb0894801548
SHA512 4d37f1e6c835cc9846d1f93d157b771c4a4e0ad2442f13399e3350885cab0060f7fd2b64ed77d3e6d9c7fbacdb531622729d3c3f56d2080c45e5dfd05c47b52e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 60ac17a540395ba9fcfbb0dd5d21b22e
SHA1 a95da44be2630de0b080c96f07c8209a01e851f2
SHA256 7468bc177fe2ec8f511c92200c3ffa575c6da403dfd1929be11ed80bdf73d1f8
SHA512 221d00b1f48bc4cbd69cac692ef2ac975a96cd8abbd93c5e16a28d66e3f51c117f9d985eb2c8b0fe59b71980a21a25aac48f8155abeeaac759ff270e40cb5236

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\56cf70b4-89a6-41f5-b758-164d8a5200be.tmp

MD5 92fbbd09e397b1393a17a13217ce4c26
SHA1 211f16f655d4f2da8c0ddd705b98d59ce6bfbdc2
SHA256 d272973a4c24547ef103544c9ccda60c3660142b6370c24f7c428dacc92d81dc
SHA512 02802bd932193d3c2d67d26b6bdaf4807b2f4ba5a0f074ab933e6b76402ea0157b4d1ddb1cbc049fc317779c31314c9d75efc3a73e86679290bdda11f643c07c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b1fc90e90eacaae1d40f8c8fecb53eec
SHA1 da1e4cf7fb89d3455e3eb037de1827db16e0955f
SHA256 b5bb96b9a8ac7e4c0f81d1470f6a64396584129083641566e8da137694220f28
SHA512 402c955dc25199087cd4fd08fcf1cf78a9e99ea4c36d0b17f9b94b76e04a36595c8e010a379f3f780efdabb5ce38a6c3e157ed53adfa91d401488e12e98d3738

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3dd701f65114b534c461e767f5568940
SHA1 8b4bff58203278726dbc50971a1c67eba511ab1e
SHA256 f6902a2a30137729789db9cced4f827c70b48b07d3ef4c49e8cadb9755df6b66
SHA512 75cd0ab11054f18693984bee8b5e0c4ac1e64ad48b3a10c35fcc829f0e0b1a19a4f80d8c382747e2b544959d80236ff5420466169e8c921ea81d430851270225

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000073

MD5 90e56c21a2da9f16108cadbde3863017
SHA1 2c7ab5d03515d1f68c5b55cd48ad04a8813fbea1
SHA256 d06133a83c0a851f450bb982f74fecd12247b67146e21dc0bedae9ff95838e9b
SHA512 c54cb3ef171dd620599373ae111ef21d4cd05e1c259acf7204cf6ec300b0da825d4ebaa76c581cfeff729e280a16e71b9648c08822c29c7bf711395778efea84

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b335e2973b75d6edaa70c423bf3f136d
SHA1 af1b185e5b6083de1f056f62162834bb64c2ddb6
SHA256 40d571439f0af96476330853480ac41d2e40b7785841d6bad652e1fbb9767efa
SHA512 e66eb86c5ae345a51aef64e2df9e8dc43bb4a3b4184156c49a6ce4aea8fc1b0222e7b111c7b1e08bec94cd01a69b6bd7e0aba1f65368c01c4f4cfb673ceedf66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e5a35138f68d5452f0c27ec0c3479d5f
SHA1 dba1d733efc8971ed08eee3a37c972c51547209f
SHA256 c3bd9862df218b2e54b919be93e38e6a2d8e84b683d01799409a738a71bc7f4e
SHA512 ca163baeb76cdadbc2417d2dc345eec5f759e0f72bf709688ec9241b82da1fe4ad0c0731d6e6cef161b9654d1a7d662efd4868d6c6e293e2adc0fb750fa3aab9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 06949355309d736ab97977dd48d33838
SHA1 86d3530db010c5302a60c0388085359fb25efdf0
SHA256 09a7ebcebc6aceaca44960a6f5bb50d7fa9306c90453da51137b49429539439e
SHA512 2ffb61623b0f6619a26d7778ce6674c4152467bc53dfe01822a0ac290ee2872c8a58fb8e4ae1d982e0ab347cbe5b3d24df6d755afd885e07e2bf803228ecbfaf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\5545d8e1-ef8b-4740-b974-fbfa0f51847f.tmp

MD5 c7b8ddea95dd9cdf6af69744adc57e9c
SHA1 51ec659551a0a115a21fd7d2d0480b0576348a7a
SHA256 273568440ee4accb013079c99b4587ab75e155d07ff690d3f020a7d8befe0ec0
SHA512 0598e56470af8094c2b789dd8db4598df10fc1109e8c956d33856317d209ae9bae551a99bb447c575c406c7f79839b26279032ba6b8f5830e16e702a2736c6b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0a8aa7ab0be84ee3209b509e64c63c9a
SHA1 36cb4889d9801b35fe59035b25221694f4162b7d
SHA256 3cd0f561cc60b7b55bdb881e4a230d4d38abb88b6b95eb464ed128eaa8a1fc70
SHA512 20e6e490baa9061147327674302016d82ebc1019d25398614b3fa3187bca0946798abb4b64d0a0c3839cf1860dd9206e46cdcf28749455cbf165722d7fafc19e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00008b

MD5 7fe2c36271aa8065b034ce9efdbd2a07
SHA1 e22ee654cb122d0d62393dd8d6753d2bcad148a3
SHA256 02cf672988303d8fbdbc7625f54596ece6d83c78152ca6e1aa332fc8c75d5c34
SHA512 45d53a09ced29138e2f99e0e8a293322050f8032e006df06315ac9af2f1ab64d1c767ea5db53289bb5881a4866061299e5a60cd83753fe6ba88e8de7562706ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 73572b5293173bf10e7d42ac5cac020c
SHA1 530588709ea6541f20eaa9372f2651a7d60c6694
SHA256 2da145c704cdd5172452d5474d620624d8bf2c2f452d210f4dafb21e435acf35
SHA512 9e4ac5e3e6ff73855ce368daecd3f9bc46525b1c024f5ee9238ab1d255a13c877eff73e1a8345b3b98e5e70dbf4d3b42365f5d43c39a9ccf965d25588eb5aea9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4331290173beac4111d7395cbd5ddbd1
SHA1 b3601b70f1344d41f6794a9cb80b5bee552b8095
SHA256 04c5bbc6ce8594df0ae24404f682a3ecd31e9a6ad5c8970af5e8a7c1daf3537c
SHA512 cc9435821b72e332d82ac88d856a746e5f19f05e6e46c8d0e0c27ea260d88b37dc1afe66cbf71a16499e326ae6aedc0ce2fe7191964826dec4f6ddb55e5b8e73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 753ef2ddfdc426c3b41014bcf33b19d5
SHA1 05f86e531d21aaef6bbf6d3acb2123bd4fbe78bc
SHA256 a9b3090ba91aeebe3cf12445b5600a7940d466b61a081c3a8df54b0596816501
SHA512 d706a854658fb055471fd52d710bc965a8445824ef07b689e34977ea40d4e9382efb4dfb3261128e8be8e2e691602fed3db26259cfd3f44595a1f9c5223e0a06

Analysis: behavioral2

Detonation Overview

Submitted

2024-02-04 17:47

Reported

2024-02-04 18:18

Platform

win10v2004-20231222-en

Max time kernel

1680s

Max time network

1684s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://youareanidiot.org

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1432 wrote to memory of 3076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 3076 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1240 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 4336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 4336 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 1432 wrote to memory of 1144 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://youareanidiot.org

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcfb5946f8,0x7ffcfb594708,0x7ffcfb594718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2792 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2156 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5028 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4752 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5216 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5872 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5876 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2144,1765182990320732175,1046555395649480531,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2728 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 youareanidiot.org udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 50.28.56.190:80 youareanidiot.org tcp
US 50.28.56.190:80 youareanidiot.org tcp
US 50.28.56.190:80 youareanidiot.org tcp
US 8.8.8.8:53 22.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 193.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 190.56.28.50.in-addr.arpa udp
US 8.8.8.8:53 ww7.youareanidiot.org udp
US 199.59.243.225:80 ww7.youareanidiot.org tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 parking.bodiscdn.com udp
US 8.8.8.8:53 225.243.59.199.in-addr.arpa udp
US 104.22.41.120:443 parking.bodiscdn.com tcp
US 8.8.8.8:53 www.adsensecustomsearchads.com udp
GB 172.217.16.238:443 www.adsensecustomsearchads.com tcp
US 8.8.8.8:53 partner.googleadservices.com udp
US 8.8.8.8:53 api.privacypillar.com udp
GB 142.250.178.2:443 partner.googleadservices.com tcp
US 8.8.8.8:53 www.ads.com udp
US 8.8.8.8:53 cdn.primeconsent.com udp
US 159.203.145.149:443 api.privacypillar.com tcp
US 104.18.13.192:443 cdn.primeconsent.com tcp
US 8.8.8.8:53 apps.identrust.com udp
GB 96.17.179.205:80 apps.identrust.com tcp
GB 172.217.16.238:443 www.adsensecustomsearchads.com udp
US 8.8.8.8:53 120.41.22.104.in-addr.arpa udp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 192.13.18.104.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 149.145.203.159.in-addr.arpa udp
US 8.8.8.8:53 205.179.17.96.in-addr.arpa udp
US 8.8.8.8:53 parking.parklogic.com udp
US 8.8.8.8:53 afs.googleusercontent.com udp
US 67.225.218.50:80 parking.parklogic.com tcp
GB 216.58.201.97:443 afs.googleusercontent.com tcp
GB 216.58.201.97:443 afs.googleusercontent.com tcp
US 67.225.218.50:80 parking.parklogic.com tcp
US 8.8.8.8:53 97.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 50.218.225.67.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 13.86.106.20.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 18.134.221.88.in-addr.arpa udp
US 138.91.171.81:80 tcp
US 8.8.8.8:53 11.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 211.143.182.52.in-addr.arpa udp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 241.154.82.20.in-addr.arpa udp
US 8.8.8.8:53 41.110.16.96.in-addr.arpa udp
US 8.8.8.8:53 185.13.222.173.in-addr.arpa udp
US 8.8.8.8:53 119.110.54.20.in-addr.arpa udp
US 8.8.8.8:53 140.71.91.104.in-addr.arpa udp
US 8.8.8.8:53 210.178.17.96.in-addr.arpa udp
US 8.8.8.8:53 48.179.17.96.in-addr.arpa udp
GB 96.17.178.193:80 tcp
GB 96.17.178.193:80 tcp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 68.179.17.96.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 3e71d66ce903fcba6050e4b99b624fa7
SHA1 139d274762405b422eab698da8cc85f405922de5
SHA256 53b34e24e3fbb6a7f473192fc4dec2ae668974494f5636f0359b6ca27d7c65e3
SHA512 17e2f1400000dd6c54c8dc067b31bcb0a3111e44a9d2c5c779f484a51ada92d88f5b6e6847270faae8ff881117b7ceaaf8dfe9df427cbb8d9449ceacd0480388

\??\pipe\LOCAL\crashpad_1432_CNZCNWYRZWBOBVNI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 faa479f40e48deac61809a315ebd0b2a
SHA1 ba2784b3abd9360cf37cba2016cc8686f844a964
SHA256 231f07e673fee9ef9337c47b14c8f0753d848769124d6a0d726e2eb50ef252ad
SHA512 b1a4e20b0cd60a60312f253cadc78234d84f1571c09fc1ac5f85cb54a7abb74a963048f1d669684b07e43509ac07ace1fd9a31ab0c4beeb50c49d7063398ccc6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 6f2cb76239694589e39e3c7d421c0f0e
SHA1 c9c0cdb7cfb53b559773db6be5cadf01b2d0d2be
SHA256 8bc4bc9cb2efdab15ef4b4eb8719851033a769cecee3bf5cf71759f7ddcfa4d5
SHA512 05c0535c1fe3349107a4d2476d393b0a46e0d604b5deb2f2fac801d90b18116e66533e7004c6df5fe267bc1572ce9e57dd8f71a68a446cb55b11870a55f47cff

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 36bfb31c9be07b50790feabdf094fa13
SHA1 e1ee3f7bdd4bb5d3d0f21506cf8424062a5bf5b2
SHA256 bf9542584788c419e47bdc50d2c688baa09859f22368736fd1d6b9b903c74a86
SHA512 1d9c9639808dd6a7aceafe81b4c15bc3139aae89402796687958a965025bf3a4041c1ee2ab29d6f600e71865c5734473e3910b404c8c91932f8c6b746192b319

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 1b1b142e24215f033793d1311e24f6e6
SHA1 74e23cffbf03f3f0c430e6f4481e740c55a48587
SHA256 3dca3ec65d1f4109c6b66a1a47b2477afaf8d15306a523f297283da0eccbe8b1
SHA512 a569385710e3a0dc0d6366476c457927a847a2b2298c839e423c485f7dcce2468a58d20133f6dc81913056fb579957e67f63cf1e20b910d61816210447cd1f1f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 54aeefd5da27453d6f83b37a4ea8379e
SHA1 a5d4c93a2b9d9cb5c495caa6ca61a36ba796beb9
SHA256 98863a0d8a8f8c82135646bed5acc0cb297e69b4f08b1920c311bebc5958dc18
SHA512 36c4dedbcec9f6d7524384cd94320f599909469f14c414934c55197c66722f8e4c62bb67bbfa7504575a9551e150be8ea645efdb53a8453fa39642256eceec9b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9791312f24f400f0c27db6c57447cd56
SHA1 fb8acc52468221f9096142cc71c941e7332ace71
SHA256 02523b0f045636fe526119bbd8be4ed82ac561ca69ada810bb92fd090196e25e
SHA512 03f7563a206316cc066f9197a62d14e9a2a72c453dc79e527837ac02adca8affb0d8319b958808f3592d4ebd65f77ddee517665dfa7bd1bba5d54969ac36ad89