Malware Analysis Report

2025-06-15 19:48

Sample ID 240210-pk96zsdh79
Target https://github.com
Tags
redline rhadamanthys discovery infostealer spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com was found to be: Known bad.

Malicious Activity Summary

redline rhadamanthys discovery infostealer spyware stealer

Rhadamanthys

Suspicious use of NtCreateUserProcessOtherParentProcess

RedLine payload

RedLine

Blocklisted process makes network request

Executes dropped EXE

Checks computer location settings

Loads dropped DLL

Reads user/profile data of web browsers

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system

Suspicious use of NtSetInformationThreadHideFromDebugger

Suspicious use of SetThreadContext

Program crash

Enumerates physical storage devices

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies data under HKEY_USERS

Opens file in notepad (likely ransom note)

Suspicious use of SendNotifyMessage

Checks SCSI registry key(s)

Enumerates system info in registry

Modifies registry class

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Enumerates processes with tasklist

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-02-10 12:24

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-02-10 12:24

Reported

2024-02-10 12:41

Platform

win10v2004-20231215-en

Max time kernel

998s

Max time network

998s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9a7d546f8,0x7ff9a7d54708,0x7ff9a7d54718

Signatures

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A

Rhadamanthys

stealer rhadamanthys

Suspicious use of NtCreateUserProcessOtherParentProcess

Description Indicator Process Target
PID 1568 created 2760 N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe C:\Windows\system32\sihost.exe
PID 1040 created 2760 N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe C:\Windows\system32\sihost.exe

Blocklisted process makes network request

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Temp\Installer-Install-Pro_v0.5e.0\Installer-Install-Pro_v0.5e.0.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000\Control Panel\International\Geo\Nation C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\immortal spoofer.exe N/A
N/A N/A C:\Users\Admin\Desktop\immortal spoofer.exe N/A
N/A N/A C:\Users\Admin\Desktop\immortal spoofer.exe N/A
N/A N/A C:\Users\Admin\Desktop\immortal spoofer.exe N/A
N/A N/A C:\Users\Admin\Desktop\immortal spoofer.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A

Reads user/profile data of web browsers

spyware stealer

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Checks installed software on the system

discovery

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A
N/A N/A C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\CompatibleIDs C:\Windows\system32\msinfo32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\DISK&VEN_DADY&PROD_HARDDISK\4&215468A5&0&000000 C:\Windows\system32\msinfo32.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\CompatibleIDs C:\Windows\system32\msinfo32.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CDROM&VEN_DADY&PROD_DADY_DVD-ROM\4&215468A5&0&010000 C:\Windows\system32\msinfo32.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\CdRom&Ven_DADY&Prod_DADY_DVD-ROM\4&215468a5&0&010000\HardwareID C:\Windows\system32\msinfo32.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\HardwareID C:\Windows\system32\msinfo32.exe N/A

Enumerates processes with tasklist

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\tasklist.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Windows\system32\msinfo32.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\ECFirmwareMajorRelease C:\Windows\system32\msinfo32.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\ECFirmwareMinorRelease C:\Windows\system32\msinfo32.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Windows\system32\msinfo32.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133520414984266474" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:PID = "14" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\IconSize = "16" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 020000000100000000000000ffffffff C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 0202020202 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Mode = "4" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings C:\Windows\system32\taskmgr.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\0\NodeSlot = "6" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupView = "4294967295" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6 C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\SniffedFolderType = "Downloads" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0e000000ffffffff C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3073191680-435865314-2862784915-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4348 wrote to memory of 1232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 1232 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 552 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3376 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3376 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 4348 wrote to memory of 3068 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff9a7d546f8,0x7ff9a7d54708,0x7ff9a7d54718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com

C:\Windows\system32\sihost.exe

sihost.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,8978023124659345266,10928827886723364365,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,8978023124659345266,10928827886723364365,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,8978023124659345266,10928827886723364365,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,8978023124659345266,10928827886723364365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2164,8978023124659345266,10928827886723364365,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3300 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9a70f9758,0x7ff9a70f9768,0x7ff9a70f9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1812 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2284 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3360 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4548 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5224 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5416 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5576 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5516 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=6088 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5792 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6064 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\Setup(App).rar"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3528 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k SDRSVC

C:\Users\Admin\Desktop\FullSetup.exe

"C:\Users\Admin\Desktop\FullSetup.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1020 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:2

C:\Users\Admin\AppData\Local\Temp\Installer-Install-Pro_v0.5e.0\Installer-Install-Pro_v0.5e.0.exe

"C:\Users\Admin\AppData\Local\Temp\Installer-Install-Pro_v0.5e.0\Installer-Install-Pro_v0.5e.0.exe" -pbv7GRWoTgqGD2h

C:\Users\Admin\AppData\Local\Temp\RarSFX0\Installer-Installergenius_v9.9.exe

"C:\Users\Admin\AppData\Local\Temp\RarSFX0\Installer-Installergenius_v9.9.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1888 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3704 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe

"C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4984 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5616 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6260 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\AppLaunch.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=6456 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=6180 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:1

C:\Windows\system32\msinfo32.exe

"C:\Windows\system32\msinfo32.exe" "C:\Users\Admin\Desktop\RepairRestart.nfo"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6540 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 --field-trial-handle=1932,i,5874040371299489806,14104060269096699545,131072 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Desktop\KEY.txt

C:\Users\Admin\Desktop\immortal spoofer.exe

"C:\Users\Admin\Desktop\immortal spoofer.exe"

C:\Windows\SysWOW64\cmd.exe

cmd /c tasklist /FI "USERNAME eq %USERNAME%" /FI "IMAGENAME eq Launcher.exe" | %SYSTEMROOT%\System32\find.exe "Launcher.exe"

C:\Windows\SysWOW64\tasklist.exe

tasklist /FI "USERNAME eq Admin" /FI "IMAGENAME eq Launcher.exe"

C:\Windows\SysWOW64\find.exe

C:\Windows\System32\find.exe "Launcher.exe"

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe"

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1836,i,5120796689804824627,1909744318694160121,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --app-path="C:\Users\Admin\AppData\Local\Programs\Launcher\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2452 --field-trial-handle=1836,i,5120796689804824627,1909744318694160121,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --mojo-platform-channel-handle=2004 --field-trial-handle=1836,i,5120796689804824627,1909744318694160121,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1352 --field-trial-handle=1836,i,5120796689804824627,1909744318694160121,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "Launcher0.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "C:\Users\Admin\AppData\Local\Temp\Launcher110.exe"

C:\Users\Admin\AppData\Local\Temp\Launcher110.exe

C:\Users\Admin\AppData\Local\Temp\Launcher110.exe

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher0.exe

Launcher0.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\SysWOW64\dialer.exe

"C:\Windows\system32\dialer.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1568 -ip 1568

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1568 -s 608

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 464 -p 1568 -ip 1568

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1568 -s 604

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe"

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1616 --field-trial-handle=1520,i,3979572667660332166,10097880760645042668,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --mojo-platform-channel-handle=2080 --field-trial-handle=1520,i,3979572667660332166,10097880760645042668,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --app-path="C:\Users\Admin\AppData\Local\Programs\Launcher\resources\app.asar" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2428 --field-trial-handle=1520,i,3979572667660332166,10097880760645042668,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "Launcher2.exe"

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher2.exe

Launcher2.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /d /s /c "C:\Users\Admin\AppData\Local\Temp\Launcher14.exe"

C:\Users\Admin\AppData\Local\Temp\Launcher14.exe

C:\Users\Admin\AppData\Local\Temp\Launcher14.exe

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Windows\SysWOW64\dialer.exe

"C:\Windows\system32\dialer.exe"

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1040 -ip 1040

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1040 -s 604

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 1040 -ip 1040

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 1040 -s 600

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

"C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --user-data-dir="C:\Users\Admin\AppData\Roaming\Launcher" --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1576 --field-trial-handle=1520,i,3979572667660332166,10097880760645042668,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

Network

Country Destination Domain Proto
US 138.91.171.81:80 tcp
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
DE 140.82.121.4:443 github.com tcp
US 8.8.8.8:53 23.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 4.121.82.140.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 154.111.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 196.249.167.52.in-addr.arpa udp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 172.217.16.228:443 www.google.com tcp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 228.16.217.172.in-addr.arpa udp
DE 140.82.121.4:443 github.com tcp
DE 140.82.121.4:443 github.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.111.154:443 github.githubassets.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 172.217.169.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 42.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.112.21:443 collector.github.com tcp
US 8.8.8.8:53 21.112.82.140.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
DE 140.82.121.6:443 api.github.com tcp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 15.164.165.52.in-addr.arpa udp
US 8.8.8.8:53 6.121.82.140.in-addr.arpa udp
US 8.8.8.8:53 217.135.221.88.in-addr.arpa udp
US 8.8.8.8:53 private-user-images.githubusercontent.com udp
GB 172.217.169.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 www.dropbox.com udp
GB 162.125.64.18:443 www.dropbox.com tcp
GB 162.125.64.18:443 www.dropbox.com tcp
US 8.8.8.8:53 uce2d173a079f1f6856de3fa636a.dl.dropboxusercontent.com udp
GB 162.125.64.15:443 uce2d173a079f1f6856de3fa636a.dl.dropboxusercontent.com tcp
US 8.8.8.8:53 18.64.125.162.in-addr.arpa udp
US 8.8.8.8:53 15.64.125.162.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 131.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 crl.usertrust.com udp
US 172.64.149.23:80 crl.usertrust.com tcp
US 8.8.8.8:53 crl.comodoca.com udp
US 172.64.149.23:80 crl.comodoca.com tcp
US 8.8.8.8:53 23.149.64.172.in-addr.arpa udp
US 8.8.8.8:53 api.github.com udp
DE 140.82.121.6:443 api.github.com tcp
US 8.8.8.8:53 9.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
DE 172.217.16.131:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 api.github.com udp
DE 140.82.121.5:443 api.github.com tcp
US 8.8.8.8:53 5.121.82.140.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
DE 140.82.121.4:443 github.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.microsoft.com udp
US 8.8.8.8:53 jsonplaceholder.typicode.com udp
US 104.21.59.19:443 jsonplaceholder.typicode.com tcp
US 8.8.8.8:53 www.ft.com udp
US 151.101.2.209:443 www.ft.com tcp
US 8.8.8.8:53 www.forbes.com udp
US 151.101.1.55:443 www.forbes.com tcp
US 8.8.8.8:53 19.59.21.104.in-addr.arpa udp
US 8.8.8.8:53 209.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 swapi.dev udp
DE 52.58.110.120:443 swapi.dev tcp
US 8.8.8.8:53 www.scientificamerican.com udp
US 151.101.2.49:443 www.scientificamerican.com tcp
US 8.8.8.8:53 55.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 120.110.58.52.in-addr.arpa udp
US 8.8.8.8:53 49.2.101.151.in-addr.arpa udp
US 8.8.8.8:53 slothytech.com udp
US 194.1.147.17:443 slothytech.com tcp
US 194.1.147.17:443 slothytech.com tcp
US 194.1.147.17:443 slothytech.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
GB 216.58.212.202:443 ajax.googleapis.com tcp
US 8.8.8.8:53 17.147.1.194.in-addr.arpa udp
US 8.8.8.8:53 202.212.58.216.in-addr.arpa udp
GB 172.217.169.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 87ec507e.sibforms.com udp
US 104.16.141.119:443 87ec507e.sibforms.com tcp
US 8.8.8.8:53 cdn.convertbox.com udp
US 8.8.8.8:53 sibforms.com udp
GB 143.244.38.136:443 cdn.convertbox.com tcp
US 8.8.8.8:53 232.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 119.141.16.104.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.187.194:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 assets.brevo.com udp
US 8.8.8.8:53 app.convertbox.com udp
US 104.18.38.216:443 assets.brevo.com tcp
US 52.21.86.126:443 app.convertbox.com tcp
US 8.8.8.8:53 136.38.244.143.in-addr.arpa udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 216.38.18.104.in-addr.arpa udp
US 8.8.8.8:53 126.86.21.52.in-addr.arpa udp
US 8.8.8.8:53 596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io udp
IE 108.129.63.17:443 596808a16dec4fc39413bf34b0a70240.apm.eu-west-1.aws.cloud.es.io tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.co.uk udp
GB 172.217.16.228:443 www.google.com udp
US 8.8.8.8:53 88.140.162.3.in-addr.arpa udp
US 8.8.8.8:53 17.63.129.108.in-addr.arpa udp
US 8.8.8.8:53 polyfill.io udp
US 151.101.65.26:443 polyfill.io tcp
US 8.8.8.8:53 certificates.starfieldtech.com udp
US 192.124.249.31:80 certificates.starfieldtech.com tcp
US 8.8.8.8:53 26.65.101.151.in-addr.arpa udp
US 8.8.8.8:53 31.249.124.192.in-addr.arpa udp
US 8.8.8.8:53 fonts.bunny.net udp
GB 143.244.38.136:443 fonts.bunny.net tcp
US 8.8.8.8:53 images.convertbox.com udp
GB 143.244.38.136:443 images.convertbox.com tcp
GB 143.244.38.136:443 images.convertbox.com tcp
GB 143.244.38.136:443 images.convertbox.com tcp
US 216.239.34.36:443 region1.google-analytics.com udp
RU 176.113.115.226:1712 176.113.115.226 tcp
US 8.8.8.8:53 226.115.113.176.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
DE 140.82.121.4:443 github.com tcp
FR 23.162.152.167:80 tcp
US 8.8.8.8:53 167.152.162.23.in-addr.arpa udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 8.8.8.8:53 swapinclick.com udp
FR 195.35.49.154:443 swapinclick.com tcp
US 8.8.8.8:53 154.49.35.195.in-addr.arpa udp
US 8.8.8.8:53 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.4.4:443 dns.google udp
US 35.173.69.207:443 tcp
US 35.173.69.207:443 tcp
US 8.8.8.8:53 207.69.173.35.in-addr.arpa udp
US 35.173.69.207:443 tcp
US 8.8.4.4:443 dns.google udp
FR 195.35.49.154:443 swapinclick.com udp
FR 195.35.49.154:443 swapinclick.com udp
US 129.146.237.85:4876 tcp
US 8.8.8.8:53 85.237.146.129.in-addr.arpa udp
FR 195.35.49.154:443 swapinclick.com udp
FR 195.35.49.154:443 swapinclick.com udp
FR 195.35.49.154:443 swapinclick.com tcp
US 8.8.4.4:443 dns.google tcp
US 8.8.4.4:443 dns.google udp
US 8.8.4.4:443 dns.google tcp
US 35.173.69.207:443 tcp
US 129.146.237.85:4876 tcp
US 35.173.69.207:443 tcp
US 8.8.4.4:443 dns.google udp
FR 195.35.49.154:443 swapinclick.com udp

Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 efc9c7501d0a6db520763baad1e05ce8
SHA1 60b5e190124b54ff7234bb2e36071d9c8db8545f
SHA256 7af7b56e2f0a84ae008785726f3404eb9001baa4b5531d0d618c6bdcb05a3a7a
SHA512 bda611ddba56513a30295ea5ca8bc59e552154f860d13fed97201cdb81814dd6d1bca7deca6f8f58c9ae585d91e450f4383a365f80560f4b8e59a4c8b53c327d

\??\pipe\LOCAL\crashpad_4348_HSMCWLGRNLWYZZFX

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3a5357161303f942c38e625f686416d9
SHA1 b1796c2cfd2ffbb0880d124ec23e0c886df1a80e
SHA256 f198cc90643b73f86407c708e165d721a16a0ea0d4043db52d51e912114678ad
SHA512 ea46d75d8ee699c2d3b01c9feffec7dac4e28ba144dccd84a8936f429e5ed09a29501e13225be02d307ccb037f38922edb32fae9fdaec3f799fddc7746688171

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5c0d665694140124ec221b664c4c9dfd
SHA1 087b96cf1e9a01004be1db224d5b74793d03fc02
SHA256 053c215e57d31fb8c2b8e2cf1bbc327b23579d8756e90416a6beae068893ae79
SHA512 b9db8a30ae015ddd28017404f3a8908de29da9f771dab0855086ba7dfda7d0fb085df4eb45a6b7b2cca7f9e4c461945f9abedbc2e5b6a581beefa0e1ef8966f1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Secure Preferences

MD5 e029efe70912cf57d40d04c01776d41d
SHA1 94eba5604a8e4523d23565ac3ebcdcda4005e4eb
SHA256 57cd696aea3594a27f18b3636da302823ca687c6a326ff9ed2b578a23a96ac37
SHA512 3c380b2c1530a103030562135f9b71eb36a15c49ea96082f64f717e7045ea578ecbec2d1f53cd569d720f7e37a3c091f9bc6ff3dfecde6775658c1c51a03f01b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 82df17c0b52c292f6b7176da28dc1796
SHA1 a57fbbebc5c0069a83fcf0fb7bbf725034d2909d
SHA256 d4a85ecf7a0ea522d71d1a49afdb52c84c5534a6fff887f04869fc0f250e1dd2
SHA512 a20dae0273c019302c90e0f644cf393e32282673aea8b45bd37f2fcdde4cd7c8bbdfcb2f9112873c84eee65e7142d304c00c2bf04917feda0b5cc13fedded293

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 af86988b996ba24ae556e40eadf76b7e
SHA1 f5443969f93cec47e14958057c0446382cb3b4ea
SHA256 fa21e40693dc091f97284cd74cc205f0099fdf3aa8df96e5f3f226129dbd6818
SHA512 1ef3e3dec3dac46c59be7132041a3d9d59159c16bed17e1b297954e220bb4da93d9b77671a5f19b77fed05f5aba1cab1317d4fb1c4950126b1beb638a62f29fe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 3f67c59631186edcf7142d8608300abe
SHA1 e340d0a575656ebf7a15f026253f38879a1eaf6d
SHA256 f4f7e2a558ef2fd5f4dab2708fe9b3f950f35086445217b182d3adde6a8c2d99
SHA512 683a4a3b51b29c1b3dc867529c5afbf712c2631bb9e2c80898caa2a3b74fba117907b42c072d0bd1c03b0a3d9959840cd344170ed143c0422fa0126785dd750b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6720139d99bf336089b20e3371afe7d3
SHA1 d68b79b47510a9117b4ef16d774930ed9a35626d
SHA256 7d6759832aaf7cb9ab8d876a8ee11df2636a5b2e171c45f43462e3f73abee448
SHA512 25412c2e1f2afd0ab0119294e3a2d62fe16465b4e39ff50038f48796e4ec3136c4c922ce140c1c3d1d27aa7270ce4cd91ce36ed41d62dffaa18b8236f8a08aca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6dd54a16b715e81ca1553fcbabd569d0
SHA1 5b010bbd16c1a702bdb7dbea1b82371888fcac2d
SHA256 b824fa936bad3a276e8380d1c73f50aea5393403da34fbcd79da51cb0bc36666
SHA512 65db3f4be4f59374b04062dad14ff0c0c702e81563fa05e294a9b666f58608a40e958f4b9be93819596134adc88d9f703f875c163ed878a5c866136d18c8f63d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9757113e1b7219ed9d24ec88c8629702
SHA1 60c78661c30085be6a90018fb4bd2b9f616cb6e5
SHA256 9ade5068819628dc5cf66ae79d1be595eac735c9b3ae64e4f2d57df84428307d
SHA512 d9a0a2fe5fb758bc063171f1c68be7be186912c6f0c6864907092261b9fff997afcc46d80ebfc7050317f803c77389dbdc9a5a3dfe3e3bdeb16c94b8e79d1c97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 8a3cfdb39284f26c5f0ee80a7d5cf713
SHA1 9140f39332a8760ad6f48331d6909d479bb48258
SHA256 f3e29e5d5f77d11693a83c8b82bb05249169720508f8a0e04c66493ed86fb1d3
SHA512 021c181962013f8dd5ea8c938a485a1906304bfddcb7706c005ec8827f9735130ad0102f63888edcc5054b99413c8c2905f6ae5781f51447540fb778f4c047ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 657ed1b9ac0c74717ea560e6c23eae3e
SHA1 6d20c145f3aff13693c61aaac2efbc93066476ef
SHA256 ff95275ab9f5eadda334244325d601245c05592144758c1015d67554af125570
SHA512 60b6682071ade61ae76eed2fe8fa702963c04261bd179c29eed391184d40dc376136d3346b3809b05c44fb59f31b0e9ab95f1e6b19e735234d1f0613720e532f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 4b4947c20d0989be322a003596b94bdc
SHA1 f24db7a83eb52ecbd99c35c2af513e85a5a06dda
SHA256 96f697d16fbe496e4575cd5f655c0edb07b3f737c2f03de8c9dda54e635b3180
SHA512 2a3443e18051b7c830517143482bf6bffd54725935e37ee58d6464fac52d3ce29c6a85fc842b306feaa49e424ba6086942fc3f0fea8bb28e7495070a38ce2e59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 bf770ef43a483648c72dbf82ecf1f7f6
SHA1 981713796efdef344d6add1807e1c8bef059d363
SHA256 f1a0b04056b229ea906bce648c230b7bb9f955e0f8a49f2d23aa35de32742b9c
SHA512 65b8da338833301753fbaee1f668577693c98583c5ccb16a3508b0ffd6ce8e5106b81da815bbc9773bcf9fc14fb6b3c95c388807f09129d2f3f877d0138620af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9c8d920888770dbeedaaafef31ac80bf
SHA1 109dabc43f96ecb98610a8fdb236037bdd2f73d1
SHA256 637c2bb7fd83ac774f8809c24734cd4670885b708abb93fac89e02636e153931
SHA512 6106005da36e96c86187ee132cabd36af3d36a4dfa13fc9bc0ddbe94bcff81ed949ae536baf5c09189acab17deff282deb17be1c0a80ea1e47d6089c8c4ba5f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 8b2813296f6e3577e9ac2eb518ac437e
SHA1 6c8066353b4d463018aa1e4e9bb9bf2e9a7d9a86
SHA256 befb3b0471067ac66b93fcdba75c11d743f70a02bb9f5eef7501fa874686319d
SHA512 a1ed4d23dfbe981bf749c2008ab55a3d76e8f41801a09475e7e0109600f288aa20036273940e8ba70a172dec57eec56fe7c567cb941ba71edae080f2fdcc1e0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 063fe934b18300c766e7279114db4b67
SHA1 d7e71855cf6e8d1e7fbaa763223857f50cd1d4bd
SHA256 8745914e0214bcd9d2e6a841f0679a81084ef3fc3d99125876bee26653f4253e
SHA512 9d0dfc21306b3a56c2ecdf1265392271969e3765e161e117c8765125b34793e24458217cf6514b364f351f47e65baaaf5856be0d13406a789f844d6ba8c7075f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 2f3c7b5f9221520efbdb40dc21658819
SHA1 df12f010d51fe1214d9aca86b0b95fa5832af5fd
SHA256 3ba36c441b5843537507d844eca311044121e3bb7a5a60492a71828c183b9e99
SHA512 d9ed3dccd44e05a7fde2b48c8428057345022a3bcea32b5bdd42b1595e7d6d55f2018a2d444e82380b887726377ab68fa119027c24ac1dadc50d7918cc123d7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 5c848f21375fca8bdd155347516b2d79
SHA1 f7cbbcbfe3deb43160b60a6a381724d1ad3cce00
SHA256 02f4d8333d1f16ef029c4aa3de40e24972100cfdab823db61a2439378da4804d
SHA512 4c6e175c5a24c12a15337bcb702db15a87aac19f2d3f2cc96be855a756c00b904651ad1472aabf6c669f56c6afa8dada3762febe2c82baaf46782e62b0f042a0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 5d04a5aed02ac5a2f8a4269a6c2570b5
SHA1 727f0be60a1bd0abfe72a018e5741204006d5f03
SHA256 7d8edeba0329989214034e43d9b5c089bb187c2082dd29a811cc766ad998c258
SHA512 88bcd58efd108cacc3818994606e9fd58f0fdf59e4a0beec4be6081f49d0c236c08168ae9a8b975e7a8955068d4fa2765d68506e5a042bf2a962393aedcf1961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7aaafc4235e36dd651bc1be0922dc295
SHA1 d5cb0f43be333196b29eedf2e57b148ca0167609
SHA256 b1e81011938e3c00d701fceb3bfe1e782aaaf0267169ca37be4697984bbdfeff
SHA512 4d9c44aa9706aad3a8e2663871a73d961bf3f06fc213fd2608431f270ed7fdb838ed180286c73f9846786e1d4f835732ec301a7540964934cba6c2557e44fa73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 969efdd1b6b7d5c6249c929b74b94b7b
SHA1 f4303acf060cc0c1b1af81a8a7768a87b447cd82
SHA256 875c6ef1dff062e48e95fbd5d8b0c3597d0d7578b8c606697626769a8d42f393
SHA512 4963045dc22362c8600fc2ede2a3c463a8ce579c0214fd790bf3b636e4d8be3abf49fa41a556fb5b2c8adfa760dacba1720f4c18b94d45707cc1c36eaae7585b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\2ce964da-22f7-4916-9332-f33aeb3e8fb2.tmp

MD5 220c878191e69e5a5c06b6f648ee8ba1
SHA1 1075de8142eb7611bf0051fc7791d942896938ab
SHA256 dcba7a997cac70dc25b4bc8e2b490d1c9f8e2cc729a7a12a24d5b44e26dee333
SHA512 8029e2726c14fee5a8bab17ac9e71d7cb83b8a18c279c9eaebb160a569414919b5ca53fcce71fcf7819117d687bca22d4e1adf41abca35a5dd0f11e02141a6c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 64bad2fb79fb070e8f54e7ad174dba17
SHA1 b34156bdb8718668fc8d060adfac55dfbde6bd51
SHA256 a90097d59b29cfd19dadd44e0617112f82e9a21bc7f7185f1300b12abb25acca
SHA512 1145139a04421ed6d4f0f1694dd77ca80cd108cb7defdb339f6d86d0df48adcbe620b5a502965c3201f485a6a24a04db45a0ff3a7550801ca1a448fcd1bbbac4

C:\Users\Admin\Downloads\Setup(App).rar

MD5 64ceb9e6c2f5514edaaa0fb6b6856e71
SHA1 9cfabe3448f85de3ebf130eb8fe5375503fc5bc7
SHA256 4e3988d8c91c59bfe0b749004bf9559ccff63b523665974dcac6b87d13cead7f
SHA512 db5281bcc52be6b31b233549d4fae77f6cd15b7695446f6a1da4d999e7bd392a79dea228046a695183e239c865c665a16b3e78ab9f570f1a46dc98b2c8fcc32d

C:\Users\Admin\Downloads\Setup(App).rar

MD5 a9481522f86b55047e4e0e734fe89adc
SHA1 0bb43ad1b92434b0e1f1b6fe884cabaf0f1dcf07
SHA256 db6adb85f1ba6e05f9c01953d7332661c740909824e808a1a2e95d8372ad0339
SHA512 19c4fb2d88455543f403b58119f840ed5d2e941415b709e08b063d38c625af087845dee620306983706b1c95d2aae14991f94b696383e063cf487e4ca21aa6ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 05d02c32f417bf33732d023bb20b7b25
SHA1 d1bf50d51e8155f8e43a4127c28ec71bfffbc63a
SHA256 5e223050f194c5b5846a703999cddc7d44c389bbcf16ff2123afc59400954835
SHA512 8ca243ed4a05794b9c6829ad6c31bdae69fb51d53201c6c55d1d9a4dc617711e859ffb7d20db228429e55b7488ece57a039319535e7cb8314ffd2ece88b0c78d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e74379915fb7aedae24b657c7f26474e
SHA1 581784bf5680f257d0a0f6ff3b829774fd018407
SHA256 e34c96c395a0adc5fe7506fe5965235170518725757ad7e170a78bb999888bed
SHA512 1de6806f771f06986d7cca944f7143fffecd5113a586ffd9e0be54b5fb1d2ca9670a6b53891924381eb0df986b4cce5aaa232c3a3a16c6c4745729e767106bdb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 aa483d1cd1edb6ea26836877f25dd32d
SHA1 f29ae015679b9dc56135ab54d09f59a3078aa3d9
SHA256 147793a8eb927c74af5eb50cdecc2e56946a0a5f92762914d870c04b5be395e6
SHA512 b395a388d12620797d7cda67750af53aff6502aba0a9edfbb3741c1f074a25832d48b869f9d7a5d9e2ca7bc5b4e009150f30588be3772cf01394f3c51d73a548

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e0605d57c2f2bce88e31f42ecc89b94e
SHA1 7ddff740ddedf3f5ceb7451581a1265914d903b9
SHA256 f4bf01fb34a26ff3ca60a20b53d01fca254c20bd8a5da7a19b6a4852e479bdcb
SHA512 63103a6698b3c81e3891145ccf2a2912e34244b78357eefb2c0f04b94f74bd5fda7d7c4ffa3e7c9e1d919e8e5e5788c20aacffed7ecb5a339dab33b148b55fc2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe591c58.TMP

MD5 3fa5953f1f232117ad2e80f5c7c95d5c
SHA1 8fa70142e06f7b516de483e8ee2559d402d48d65
SHA256 3d7b7fb8de60b8c970f9ef7c82327b38d854759441a06e5d2838f20bd493f471
SHA512 c172447de6017405c8e7bd69892a05dafa412cae9c22cd2392c7ead14a697a1e02ee2b59f024769711601be01e24d7a1a5c50a0447055918e5b4ecb8b5ee4b8e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 aaf05d83214325653d2929d637d0ceb3
SHA1 b48ad848fcdf98f9612c6b7d72feed792f584926
SHA256 01ced3cf4d806b65a95efe29d6c1c85e77b62b3296fd679b18e5ab284664b291
SHA512 c5e251e53729c9a503a493dd560a35bb2a468a060774dc33c46f18d93d35ddea74ddeb682f9412a0b4363a3106d6a48f9b3296a7271a7628761fa7fe1d071902

C:\Users\Admin\Desktop\FullSetup.exe

MD5 c67dccf63f74afdff161f9835a5238d6
SHA1 931ed9c20a9f347d5ef1da1dd7b7b1b614a71447
SHA256 2cea090248f6d27515966cde741aefec4d3c25d27fe3500c211c5a93c5521291
SHA512 c6f09de3df2df08ce1f548c100a4a4449421e2d007ce252091008d6bfefa757a3f049c07a3376b5c2b696aca846107703b6cc656342afd53f40fb8c46287839e

C:\Users\Admin\Desktop\FullSetup.exe

MD5 508de67aabab8e4d87057c66011efb80
SHA1 63ab6992da00bc885b74ecfadacae45542b70fe4
SHA256 b33e50fb72cdb00381638a455d2e1e886ebde89e725e8b1ef805023f0b260199
SHA512 d4da12f5d48d5bd6cfb8e507ce81d7b903c889611e603461a75377e87f03014ade97035f8fbe821b3a258f56aa73bc5b9b0a0a54cf837e8233b19bbd3e1f57d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 822e3fe7ff991d837388c06034779cff
SHA1 682e0f05b8937e9aec22cc24f655290db60e6327
SHA256 a36ca2d79fd7b5f0e8daf3e071db9e76ab60b22fa15ec2a86ff36df5f89b268c
SHA512 104790b5d3ec23d69954263397f6a6f07931f168f034af26c5b1016d889d03fec861cb67512408e3678dbc4127fdd818b6fba9e1cb21be42c2fe5e077c4c6b89

memory/4316-2134-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2136-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2135-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2140-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2141-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2142-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2143-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2144-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2145-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

memory/4316-2146-0x000001EFE4F70000-0x000001EFE4F71000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5e916077d2042c3f605ff051b8b68634
SHA1 13f1367d058b588b3dcf7397f5998a779aaaf9aa
SHA256 10b209f8fe4d17319847d79ab1c96bea195b12ad27bfe963237a45532966d5ca
SHA512 303e46564fb277e65509c0733ba284138c8e9859adc6c50f2dce9392dbabf01328561b988a05d972699676c77f22f3fb5e2fdce7e5ae1c71cad6d3b2936b028a

C:\Users\Admin\AppData\Local\Temp\Installer-Install-Pro_v0.5e.0\Installer-Install-Pro_v0.5e.0.exe

MD5 378e5680cb37e219bf038981a0cf1cd3
SHA1 fd6513634441fe43293630e87af952adf8c84d01
SHA256 523beee2e5cafaf69ec5c5a183c2973617f3d4499d201602656fda7aa70624b8
SHA512 49dddf519272fe70af829822f8693f83e4895db6bbd227b891c10886750b7645104ca0abeb315a3334a4ad0e450a303671a8dc2ec7af34e417c78f54ed4e8564

C:\Users\Admin\AppData\Local\Temp\Installer-Install-Pro_v0.5e.0\Installer-Install-Pro_v0.5e.0.exe

MD5 aa49b4de2067e0e71d4ce856810e4cd8
SHA1 5dc4a99b700d74bdd2a6e75a546c3e29a9503153
SHA256 fb8a4af2c70d0207bf98e98b2e7510eb4c1f5dd3f8aad6b18215bea5ccda4d01
SHA512 378c77b56f1287cc240518f8d917a8cd0427f699bc46affde917a3d43bd1c813bd77f81cf2186f1777feea1b44c20da0698e5d8c1c9b0839974d2df38e6291a4

C:\Users\Admin\AppData\Local\Temp\Installer-Install-Pro_v0.5e.0\Installer-Install-Pro_v0.5e.0.exe

MD5 9c6ad195a4cf3470d1af393aa3b70196
SHA1 3159e463ece9cec2dc8bce02c28251248b4a6ce6
SHA256 723d772d8e2f5a1edc50039f542e47c14f7fe2b329afccf6c59ac6c9daa73151
SHA512 d5b987d2ff9b4410c859e48a1d305f70b4dfca2b8b6a9ff511e870b439235676ebe884345c543a1070488395be2d574d8342c7e6dc82a53ea1061274b9290834

C:\Users\Admin\AppData\Local\Temp\RarSFX0\Installer-Installergenius_v9.9.exe

MD5 e05dbe925ff93382d100395cf4dafeb7
SHA1 a938c6ce03a26a19406ded2d290f0ddb05b08d67
SHA256 c5eded4ad747fe4b39f677838be78e3a8e2386288f948d29d87fcf184b01d3ff
SHA512 6b139c4df8deb512de52394c0468194d971830ad40c2c036f91e31bb95c67cc5208196d77cc63148bad3fc7217bff91d1f1014d7e93b55d843433dea7f47e6c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4c6607fda6cce50366d747541a3c213e
SHA1 0b0c7e3d43a533b602f02eb74c1658a2a4af3234
SHA256 1184cb84e883d5b0cb80236acf7f872786f3b7709b6b53a4c33f8daf8780087f
SHA512 05d4bf93d070935e477276c3bb728e62a5850a37822d7cc563295329a01599b624265ff6cd4ded7cf5057a93b66ae37fd8e81e4aa8b2607e03be70735b498d42

C:\Users\Admin\AppData\Local\Temp\RarSFX0\Installer-Installergenius_v9.9.exe

MD5 4bba717effc5598a0cb06e568a0a3cc3
SHA1 6eb079aacdafbfafa58267c521a988e7cbd91a43
SHA256 1762ac1f3cdc43cd37a8e6ffddcf38882f0d3da0476102db86feaaaef78007fb
SHA512 6c0e59e0f72722ea49fde1af74fa233580627d8feb5289b8050222a45bd9c3c3f5d5afe57d676ec2c95bc0e24c097a2b9dc799df42e88c0a21e776cc066ca969

C:\Users\Admin\AppData\Local\Temp\RarSFX0\Installer-Installergenius_v9.9.exe

MD5 0b6e52578443845cf35b0921732b0f32
SHA1 803d9c0cda3eea0f6be4e410e5985be22cf60e26
SHA256 ed07c7f772a1a272b83ae4045c384acf551b5ae8047b4524ce8e8da84cee2e8d
SHA512 6ffe336b62403443a44c678d5ab325c65a8397e23f2826c15565a8b7451bc7410986a17e09ef664346dbf1d29b94ca775be7d6f1d3c3041bfec0d5d78e614089

memory/3748-2191-0x00000000730D0000-0x0000000073880000-memory.dmp

memory/3748-2192-0x0000000000B10000-0x0000000001B10000-memory.dmp

memory/3748-2193-0x000000002FE20000-0x000000002FE30000-memory.dmp

memory/3748-2194-0x0000000030470000-0x0000000030A14000-memory.dmp

memory/3748-2195-0x000000002FEC0000-0x000000002FF52000-memory.dmp

memory/3748-2196-0x000000002FDE0000-0x000000002FDEC000-memory.dmp

memory/3748-2197-0x000000002FF60000-0x000000002FF6A000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2154a3515d014ecfe1de917962386c49
SHA1 686f10d3ebd2496920932a5c0cb840317f40dedf
SHA256 92ef626143cc7e595fc7d69e2629f91b89af3d1678402878bdda83bb4e78809c
SHA512 8042be141a8396dd1e96c274c8594c46bdbd8446c9a25d6b733b27b2d62afa3914a127fcf1935826082933ef9c8c95cf173d58646cd000af7574503fc848bd09

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 625674af69ddde767c6796eb26a514e7
SHA1 916a63877eb72175fa5fb9f72794b75503a9dbe5
SHA256 e63a9f551661c50d5ab7800f6a0d2e74a58c0d5b35418179568781a9d3bcb4de
SHA512 b7eacb9b5f220e256aab4fa61e619f4a6f546e7819a1a640e595258f8bb83dca13618c466d0e67bc33a2ff7dbe9e0787cd2724a4646fcbf87ac485989c214f9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c5020879e1984256b388e7c0cd81a133
SHA1 d6a83ba9ead27a7acc1b97b4e35741c0dfa6af86
SHA256 ec6c62b63d9c9bc5f8f346618747734ace6cf54a7f8c1f66d260a2e414d5b1d9
SHA512 fd73fab14007ca678b31be12d2098efcac445be682370d700e231e7c0acda869c0144cff5283f3239570cb96ae910524fb4eaab721e82f15457e7c5950229c1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 308ece807a3260cf5c1f0cb850db61d4
SHA1 9ac3a87e79e0892cd86fd3c91d0f1998607b295d
SHA256 cf1950fd4dd6674280e12eea69514aeb5e08aaf72ca7a38b64ad7f965e351356
SHA512 c2e5d333cad4735763aea952c771281b3cd04e8ddddf2021e7aaebedec6f8b270031fa2bda6ea76aff971309cc344233bfec64a7ac770d8b1253c16db68dcafd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4bd798f254553494327f75291f1dcd75
SHA1 b29853eebfa2f86e45b244df3861a77804bacd21
SHA256 df491112113d84eab124663e7154c8f065f2d08f492d7dddf83d42d3c5ac9b8e
SHA512 0796a2d894e2f2b22f4e593716d0ceedf3006a59d2b86306eca8c5f879f9947dcdc5ac3f8c067f16da57c94f2566175197cd34593ab5cc3f8b61470e5065c801

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 6b5fd90cad7ff08253ddb3f88d314b9a
SHA1 af1039a8bb84ebccfb1bea7cf1286185cc336ebf
SHA256 8a7db6ebb5b2b6a1bc0bb73015e77c1293518419934b9bacfe6a43aaa06e4865
SHA512 bd0342bc02fa52fe285098d91306de8466bf509e60bdf93f46c35dba1b5e4a12d4f7b4f512414a5dc85c668e40e20cf1ef7ad59c5b2927c6f82d5557d5cd1038

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 3ad87fa1647ca15382c4b0defabd01f8
SHA1 5cd12b0fb37fd09565607c69f8277c8b4bb9884f
SHA256 a75a0450cd2375c50d9e0dc186e8cbb31821fd5fa313b5f8a8876a1b0ef0defb
SHA512 3a5462ef3c19e25b0fec53cb743a268dbfd14efead86cc2f2a6adca910bc5a97e2d692db6e3d05dacb2800c79d4383ebaf6359c9cd6e04242a36f390e676ef44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 dcd7a228de90bd542cc1f7239e210114
SHA1 91717b4f9cc112ec1c3de36327b9ca34bd25e5db
SHA256 627cad5306c97d882489bade9e48bf749ba7c3fe07b9a6d93d1fd5f2cf3cc569
SHA512 01a6dd8181c48aa876ad26b47768f7f18c8d6c72d3fa011491dd2e95701551ba5d0ebca8d5bcdb86aef7f34189edcb22660caeb789239e7b3d6620cce71ff829

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a2a8dc2142ff08a6016a2ff0b1756aa
SHA1 c3e1762cc111e423c97cac0513b32fa963db8891
SHA256 622200fd9364ce8e8d9eef61138694bcd6a64e32ff2367ad3625522fa9c472e3
SHA512 1f93896371e40a391781d644cf1fc0410e1eac0b8928a64138dfad3bb19759b7ed0d013cef35b1dd13d5026067b877012af7fa1d65cadfaf3d63c10e5d639322

memory/3748-2511-0x0000000040A50000-0x0000000040AB6000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f7827d2530617737cb6ec1bf2ebd98e0
SHA1 6f2ccd970aa38f675afb358b33b52a413efe1c74
SHA256 4656207a1bc43e85c679f68e463a296a21d1de120a5e2f7763eb42ce7b594bd9
SHA512 db6048a89a3878740361490206b5899ce12f49856487f34f98b666b85913ea406284ef724a99bf7e7ed184e5e0bc09abce1bc674087795369c69934ec7c92fc5

memory/3748-2521-0x0000000040F60000-0x0000000040FFC000-memory.dmp

memory/3748-2522-0x0000000041650000-0x00000000417F6000-memory.dmp

memory/3748-2523-0x00000000730D0000-0x0000000073880000-memory.dmp

memory/1568-2524-0x0000000003070000-0x00000000030A6000-memory.dmp

memory/1568-2525-0x0000000005AE0000-0x0000000006108000-memory.dmp

memory/1568-2526-0x00000000730D0000-0x0000000073880000-memory.dmp

memory/1568-2527-0x0000000003150000-0x0000000003160000-memory.dmp

memory/3748-2528-0x000000002FE20000-0x000000002FE30000-memory.dmp

memory/1568-2529-0x00000000059F0000-0x0000000005A12000-memory.dmp

memory/1568-2530-0x0000000006180000-0x00000000061E6000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\__PSScriptPolicyTest_vjgzlysd.x1j.ps1

MD5 d17fe0a3f47be24a6453e9ef58c94641
SHA1 6ab83620379fc69f80c0242105ddffd7d98d5d9d
SHA256 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7
SHA512 5b592e58f26c264604f98f6aa12860758ce606d1c63220736cf0c779e4e18e3cec8706930a16c38b20161754d1017d1657d35258e58ca22b18f5b232880dec82

memory/1568-2536-0x00000000063D0000-0x0000000006724000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8ad11726cb0a1e594fd1e52efe868201
SHA1 834f4a3e7c85af15522aae429c5d07cbe603b1db
SHA256 098641114bd53ecae5ff2a2c15ed6d04763140556ea043bc73eb66076c471674
SHA512 4661c4eee4290da1530496fc5d1e8ef91fadb018757922a6df3ed3895b71078d7c1d9dd0059174ef62bb83b294f1a8385b5fcc473620c9c09d4bc443b0b67c33

memory/1568-2567-0x0000000006980000-0x000000000699E000-memory.dmp

memory/1568-2568-0x0000000006A30000-0x0000000006A7C000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7c12079e1ee2ff684da3b6af6eb596b
SHA1 6da60a365abe3f56cd6c65780379deefdb3e4532
SHA256 190d628ab04b8eab70bd055cbd335900524425b4a80363cbe4108557b5b891d2
SHA512 d84860d951ffb75b77586d403ad55ef3c4444912f95aa363336887ceb2bdbec8ba54dc1887e14ef6f9ee7ee5a794f35d7ab8fd42a00bd8689b62af0ad06701b7

memory/1568-2603-0x0000000006F60000-0x0000000006FA4000-memory.dmp

memory/1568-2617-0x0000000003150000-0x0000000003160000-memory.dmp

memory/1568-2618-0x0000000007D00000-0x0000000007D76000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 168acdb31232817a0ae12f37644689d7
SHA1 5755c6b6994f602e0e3f7fc80ec47b66c6f7b3a5
SHA256 47fbaae85b24eead453adae8d28a4068cd027d7d7c2256b5b261f05d80f749fb
SHA512 95c575929dff051d4d1baae2e2fa32a6171ceac4e6ddd0dc58c6930abdbc08713ee17a9ec8ddf9c6b8ee506125e0d2addad58ec263def94bd4266356c972bacc

memory/1568-2633-0x0000000008400000-0x0000000008A7A000-memory.dmp

memory/1568-2634-0x0000000007CE0000-0x0000000007CFA000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b69d984b9134f3b513069934247a74bd
SHA1 d512e06a47300efaa69463c88873b7c31bc1b756
SHA256 5ce264026710e77b6ec4b75f75475a3ac8072548ed304f1c23ba096f8ed2b94d
SHA512 8587a505fd01c9e30a51ab17c1198170076a8916a4f722ca57c60454c34c5d8ad029271c7d3a4c7f44396d4874e48ebba9aea1c718789db0906422c7137ba22c

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 2709dc82969dee5c4a9af54cb23b37d2
SHA1 708858600f9cd39154789d82fa729d02dddc22a7
SHA256 a280fddc48503d28a26b90f86490175cbcc64103303063f50154d7b840f08d0f
SHA512 82474bfde0830ecce58d8da778f21be00b946b0acd25e1c66b4ce32fc4301f186fcf5d7a2e225954b88ab46ec3f04d08703e1e3e7ddf1ecf6c51ca61b157f57b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 4ed79d3f1ce46f245bca0707a9e97c14
SHA1 6544c3f2d5892bb1fd9fac00abb596f0b7204542
SHA256 95de795e75b30b39fcae0cc102afa9daa7cd29d44b25c495a7d8c3990f22dce0
SHA512 5f7084019de58375ef2c7224b6194244add85af03096ff4b9e26fcf37796e1877c22941886a59ccaf3dae7f44262f3c103452356b67e14d94e222441c690f229

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ac4d79bc-b799-4b5d-96f0-c094c8e5b1bc.tmp

MD5 3fb63d1f63ee877e3402040180dac728
SHA1 52632a9e517bc1c9d656be04ed56c778a57fa0ca
SHA256 fd29fa00a46783aa231c724eadc9d59fed9e1c64a8b80391bd7f0571a802f684
SHA512 f79dcccbd81aef3ae4d7307e6630da2e46d8db4c868f958b02021f5f103fbe395b156fb3276f9ab158b37a0c3417ec7fa8dd9e9616cce784257c1dbbbcf54603

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 abc955d6557e145a83a053354c314804
SHA1 bef977fa84a8e6e75edf0c57d4be033e4416df67
SHA256 16edfd6729101315d83e101a251f494d869c08029acff02ee11d5d427099d398
SHA512 d29bd9729548f86e541eec917c4b16075653f4c85d68aebb359eb5cf2d3afcf2fbed5cde97f2389f6bf899089ca18be7e1e643b3554fe382b0ebf6e6d4f95870

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6ec05e943dae3b695a225223274c66c4
SHA1 7dc47f85cc0f13cf7ab14c3aa91cae56c56b00a2
SHA256 33bf6ebd6580dd709425dccb50495a45c8bd7670a725e72b76992470136651f0
SHA512 023bc7ba84cad60a14fd1439ff3458ce1ed885093708994e2e18e6fcc72ed9b716601014b77ad7a6d0e301ca8e00fe6e23e59587b1d6c052e67e27c625443cab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 958f87a8cb9f840f9c9d3d7856d2376b
SHA1 c9352aaf8bd902ae72fe43f231659a13cef8b531
SHA256 d0523ad131d48dbaa3076356948277471cc56e52d282225d0c5af8ed713430a8
SHA512 0156bb935531bfc81611db59ddd1a71157ed04d3c2521b892dee6f79a04ac13a44564755748a7b44c7672cc70a7ce745095f635b4e26f76b121901bca13edaa4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 951dae57af8383040d5298b17489f0c4
SHA1 6b92fbe5e6385ffb4df9362699715430fbe4cf7d
SHA256 e9daba3f0f7c6ea2c0d1800419224ee96cbd9d53c5aacf4d3c1e402cbc629fc2
SHA512 6b162e28c5aafd713eab0dd46280245e64f8b0d891d33934e410cf920ebf68e38565f83a94a2e8b354b7d003d5cbb02e24dab5b6f61fb26546e8fd39d87974b1

memory/1568-2735-0x0000000001550000-0x00000000015A2000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bf3204afd03ee938df3e5579175a39a2
SHA1 3fcd32ef36fbc4ccb9356099756103aefc653f37
SHA256 376be4fef6d3db81d3d71801dcde95be97eab07c6ef88e872223f9615e24185b
SHA512 34d32a92e0ad300232169a49228bff640feeb954c0a9b76fe0511b2c34459200f89f0ec63757505bf9073c46edd8e16e5dc157228e7bcac13b83f1e73f8da434

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 70871ff0be2e46a84e43f3aaa492c376
SHA1 6028e82c502d7c54b25ae85cab712199dc40d5fe
SHA256 1c4abfcc0e9d7d7122f6a9c86f0c061119cc78761f8464486b8981ff82cf7477
SHA512 9ba2d0149fb4b87725e6abdac2a746209c5652d2a1afbfbd5910c19897845c26c1cedec6fa5cfa7da4ddecde214ce4667f4dac9f9c23f3e195fcd3c50680e03d

memory/1568-2757-0x0000000016B60000-0x0000000016B82000-memory.dmp

memory/460-2760-0x0000000000950000-0x0000000000959000-memory.dmp

memory/460-2761-0x0000000012900000-0x000000001290A000-memory.dmp

memory/460-2762-0x00000000730D0000-0x0000000073880000-memory.dmp

memory/460-2763-0x0000000014EC0000-0x0000000014ED0000-memory.dmp

memory/460-2764-0x0000000014EC0000-0x0000000014ED0000-memory.dmp

memory/460-2765-0x0000000014EC0000-0x0000000014ED0000-memory.dmp

memory/460-2767-0x00000000730D0000-0x0000000073880000-memory.dmp

memory/1568-2768-0x00000000730D0000-0x0000000073880000-memory.dmp

memory/3748-2770-0x00000000730D0000-0x0000000073880000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bc398867bfa50359_0

MD5 898cb88beab096560972bfd21d01ae14
SHA1 fde4ece8a0d101f9444a8bf1ede88120a0931a99
SHA256 9171ae292f0dfb573deb609b5e5f18847689416a3d5ace8cddff18e857165ec0
SHA512 a65e5af79d4dbc17e77d7c8747df33308fd0063b2245baf09b4fe6442d670c8bcc40679ca0a2f10aec5ea351f3a0fc4624bc4d3cdf29988597751f5de619b107

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f745783c17440c03_0

MD5 608713c216adff121a2e9a338fbe9b34
SHA1 4aa07190747fc62aa4a0ebefb9275f83a0da31db
SHA256 c55ab6163217c34854d0d71d95fad44885b12661444df7e7e5c35496c4a273ee
SHA512 e50cae38d1eaf58a42e863c5ce3b1e9f1a8f424316fc696b45cae5d83778f9cff2b37f69b6bfa8ef07c215ada835ebdfcc64a88ad9cbc58028254e6729d5a254

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\af7decb566cb762e_0

MD5 6f2999f7e1edb2bf4b91e639debb48b2
SHA1 889656ab2869721743ea46d63e616d85478cf7fa
SHA256 e1af04f38cbcbc7deb1655c7c83a2cffc827b166a25a9237058a4f437c83a66f
SHA512 932adea3eda3ef60a747d3bbb4e54a6f5fc9603356e299626fff43fc8a6b09406fd9a53039bc18023d51887eec8dca6301fcad4608af013bc19044b4ba1ab661

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\931ff3ee2cba732f_0

MD5 d2f9016f43642342ef12d77e4288beaa
SHA1 3c589b4d868f4780c3e333a321456274d9fb7101
SHA256 d2add724416aba91301bb47a4ec7facfbf6b3fe3158e75178cd9e0f32e2db1fd
SHA512 4803a7daf08ecd19bae67ea35702b5d820ae7f8bac54308bbceb45882b0376122d4410557ec027aa3985c9f9b3d81c0385b109391e2dbf4a2a66e94d9d1a801f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40cdaaf8bd9d351a_0

MD5 7af1d7810f3761d0fffbeb40cab0d48d
SHA1 10999987d6357105082888cd29923c5d4cd85c51
SHA256 1698e060214d4ff1a02bf96dd5f7ef8f8b25ffa1eb91fa8158e131d304383942
SHA512 6cd3826342f664f1978941d8ac23f2ade838362c80c7d814c234c3621e543f687fc5db1bbd2c1dd0305f105f2047ab0439659f68eb9d27f43646cd6ad9c85b70

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ab40357e55172498_0

MD5 db6d167c19633e684dfa0a7ff36d1942
SHA1 0273c5984dafb4799bc6b984dfb29f73f40042ea
SHA256 f57150bbcc0ac001c1a2304f2f0fb41ad20ad4113a2e65bb68942c540c2967ac
SHA512 21ba687aa02a58c8ea5e80527c32ec3452ca241433d4b565ca8311a5792290fa5b9c3c0e4bbf026c585efcffdddbfb0c40ef14a3cfcfe9c36496bfbc6e854a19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\05b9778fc61b0670_0

MD5 326fc3c69bfa44f5ac51d52ed4389385
SHA1 7eaa9a75704247bea177bf7a85bec5023598ac0f
SHA256 41b64bf4005193fce8945a8e23e5bc17e7ed489dfcb94e2d0a6453483e15c141
SHA512 025ee9719db01cb0d4271bf1926e2deb61dca119d94ad8f9b9aef9aa98da3f644b3cac90b760d23ac52c7dd871345c1b0c82644c61c26984efb9ff463a3a3362

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8735944b39d7ec30_0

MD5 4139c3ebb768421538b6a45de7b7ceb2
SHA1 f33a03f5783dab15c9e90cf1c2e0e18dcf7f40fd
SHA256 2aad895ff45955a80315aeb12cdda30ea6c6205472363e05e6a4408a0570234b
SHA512 76d15d5c9f4d5d7e78d6cab757da981b563fd0ad116ab5563f50ac7e3b0c4d5c97cacb601f7186429ae170e371033c4c9f90e334ff7790e58669d5ba51f08b06

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d6f96a3c94a636bc_0

MD5 ccbf902f645293d8581d22662f1d5297
SHA1 598d9be04c6d8dfd8d470d8a0c1acbac1a4a08f6
SHA256 59c1d1482100a6c5789df0a94b26853fc41d065e5108517a58d91a3d03eacf0b
SHA512 97b87eab4ad9d8ffbdb3d4a51745f869d0baff4ea36c59811fe2ef9cf06bdfb09507d1ef96e49cd47a05ac9c354247747557fe6e025c3c318281e23853c9cbf9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f535f9453fd2381a_0

MD5 e8c4843bed52c406faac6a659d0a068c
SHA1 184597e9cd9fd712093345369315b68f1aecaa81
SHA256 7699ce96e900718e50555a1b762d8d383b7d5c7650bcc255192cb8856881cf13
SHA512 d4aa896962c67b9bd9f74df8dc5e1f367c5a6f2ab094e724ca82787299b2fe705bd72720efe9fd3dcb22c05e541714ade415317b39e6f995bb23c198c96f0e67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b0642d7a2f57be83_0

MD5 263eec3a8a329d645c4b42609b6ee206
SHA1 67cf3c6c30f69ec6f38c317c5cb0042cd9b1b73c
SHA256 094c2196bb02fed6ba93ae2c6e1f994e91ea82cacddd10b4b788d071178e25c2
SHA512 619d04d7aeba988c526db412c244d42946e206a5eec0befb82f94509510f4f6e162e946e942c3316a24759ab95921a3c857544b10350401cf63395a1cc3389aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cdd5371e0bdd1fd0_0

MD5 78efe0bdfb53028d16d49e0159745e00
SHA1 6e9d94d9c6811c17200e3e179e59c264120b7bce
SHA256 b557b56af28d73b4c4f2cdea888df884993f2392435ae4a46b86bd5b339a1b4d
SHA512 c4775d309d6267c8dc5d842333b494625a21506ae15437e4b592a83cc38166f3439cbf0aa8053ce0eb0b9ef926e94cc7b1467133aaac1015ec7992fe40325f17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dec52b9656038e24_0

MD5 1a3e933785b4e9832cbbf593111bccad
SHA1 f0b6c632e5cb283f003c02e08463bf80861b9b65
SHA256 a2eed0bbb4bc9962428aef7cc248503e95ca6857457aa48497b97f05723b94b9
SHA512 57dfe2d79583c2f229cfa54d084f19be6da87563906a496f42691d10ecedcce82c22af2d4ee4e5a62c739c254ca9a048d32b5e4cb545377f9313c8251abc9f6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\609135d168ea7dc1_0

MD5 c7d25b4d6de2344d89c62ff236337c41
SHA1 2d3ac22d6dab861fa1d21b77bac35427f58b8226
SHA256 c1049d801ee91ffef39712c14fcad560b265428b47d0e8bfbe656f935504a16d
SHA512 948f5b631ec46cc55c329594f84126e93e4abc614ff891af52766839d7fd8a685931941ea9ef7180be3ea77f5f1b7fa7e99bcb2f6c56d372170da5efc7cbc402

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\01803f204bfa63e0_0

MD5 fe1f9afc721f81c046779290bc5b7d0b
SHA1 4bf267528f99756a29561bb1c7bf866bf9918643
SHA256 a9763889178951a895592b0beb0883497750c1b3931a3dc0b827d7b97ef38ddb
SHA512 024d14244269b8b69b0cde9d0ef749fe213932cd52de19b7a7498f7aa85805ab84b9845dc8533659439587e8876fe62e878c3eba7c3d43516f17779b91451476

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e4dba3cec7900038_0

MD5 32f49e4be452337a595d34f738f03487
SHA1 d10b23d08d27c3d204cc34a70b7d39b332362502
SHA256 97b5244c0ce1d8909ec599075c718bcda6d430c942ccdeb89bb6ea7b1fadffa9
SHA512 d71137d1fd393f3b275e0d49caa32252d5cb7239f383bb29f77fc0e09c57a830d134d7ed399f6c14d4373111c50d3ade27619f8751915da04299b35720d79fab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1cf46698c2dab619_0

MD5 7e3d08b5aa70b65a185c2498a42ba745
SHA1 4d31461c09a07b97e43092a4ebb065f231cc6b54
SHA256 0b9631a791847c3d3a67a10afa7c1ba3f6e3538bdbb2d4a915f3cb971103ea60
SHA512 64e5b9f16e38916ab416ef4b7d0935be9c6c8beaf375aeec8c65caf83143ed61b4531bdbb325f871f441926302a43dbf38a58ad67ab41c7e320603fcf61776eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\573d3657605a98d4_0

MD5 a7677321a1aba16abd33c160dc7c628d
SHA1 d1d0246b27797b19d616ce69c053508b5bc45260
SHA256 8e55ecc7247432bdd6298ab53f9482204d0e50288509732e8c6663a6a9635947
SHA512 d130b41d488d8f833a493fe845e4726e54ddc5bac7b6ec2944bc0dd1183dd860d736b82035caded1b77e5d9d01f059f87175cba58cccd9f5d74730ef1ade90e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb9d3617b204eedb_0

MD5 a03401c33be91257c1a4844e0413cecf
SHA1 4cc4da69f796f97a30248399ecc300a1d0656ba4
SHA256 6f1ac7790ef7bf7f396e84765ba1d89b9364017f3793267f98e242d0d642be86
SHA512 48802bd6794ab4d6548a43a813da8103c628c22715d2129f7d25f2abb00ae7d6dc32cbf2dd28ba246b12cf9a154abe4f5c310120abce431999eb7c636b0d6314

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a83342dbafbcc57e_0

MD5 d5ce6d185283bb9c6a490b9bebd2cc72
SHA1 486836c23cdcdd01bb7b9f0d43aec8856af08223
SHA256 018e3563b734f1cef3c5164c08beea11372db8897de3b0dbba113738c6d128d1
SHA512 1129e67255fe183016e3ccb48c6956edc14f2931aa0cb4bd84db7a18a9643d4ca73345e85a8c2d2c1b310a3393ba3c727ada5acdb8b419078df2bd3b5b666d20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b5a3f3ea72dc2b75_0

MD5 4009efb52a28145479b5ce0b3427a04f
SHA1 fc8e36e6ab2930848a862c2c6abc07ed11461953
SHA256 79fb02a2711492b8ba6dab5b4f79ef7b4f70219b02bfef96d48d52e63bae72af
SHA512 c58402ca470ac0d2d8e03a2c55335067259e9da34d95f5a88f6c26daaafc1ec8bb5d5878ff80bdbafd625b351f9c0dfb71349977a1f174b982b0bbde40726fce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\190f4b65e8702c60_0

MD5 da8860c9bdd0c1eb4c1c0fb4200c1032
SHA1 a73f0e4437ab01595895a420e37075e9992f2b0b
SHA256 73de6dcc01013346fd9826fbe222ea1dc91fff55a28ad1d78f0bb2cc269e54a7
SHA512 017be56fc8e5e19f7dec08c791e146a933ce9491a024fdf34e4bf59febdaa99b98811e20ea164ce072cbcf3dfe5a3096e18511fd687e44becbebd127400a977b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\08628914e4b7485f_0

MD5 9d588075c3d99caa02b8f405ee56dbc4
SHA1 fa9dc4d6b1e11d2974ab4243a5ab3b59e1991f67
SHA256 d622e04974d53fcc9f76a3721fdaf894464ba404fc18b2d6a350f1c035a7d00c
SHA512 6c947f38e8e008215ed378299fa5a00704d0dcd4bfa9415eb05cad8e7f50b8da5fa5542ac6597a0d233bbd7b1df3ab453825db0c95060a7e39e9b295ca26ed83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40767c6ffa0c49cf_0

MD5 51116a06d3fcecefd7cbf949d052aa87
SHA1 1184d40375f7dd98a2465c64b34b0761ab6b0ad2
SHA256 1ef9790dc7fc39a58f963fa5d2df54f9d860b3b2360076bd2c23db4365ad5014
SHA512 869b47bff16710024fff3b204b3c95e0932dcc90591563b5fb2b635c81e5305679bbe8bd1e6caa2a28ea7d37c4f0f265a347d8499269a7ae4d290778ea166720

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4245a3924b00e0bb_0

MD5 63615d566b101c671ec1d821b7b1b55f
SHA1 39d2f40d67c367faca6509e214878e66e628eb93
SHA256 164b72bac14aadcac68edcfb2699c9676113ec08a9f22c88b14d7d0959e54928
SHA512 9fd0d7dc057fba94a86a1764731b2efa6d1df31e60613c3bac4dbba84075a2e871c55646c277ef38547fe114e13597c70cba99be2b6d26b9b6dfb2bea26efa85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\76ca9835d72a6572_0

MD5 25ad8e7a9402e500a7cd5fb6de561e5f
SHA1 b1074cc0b6740336944435cc6b5d4a15b14daff2
SHA256 7b4fbd0ae0d27c40b4d84db3212f73d874d19f5caf16bf7884a20dcc52f602d9
SHA512 d935fc48ba46f1e664d355e5b623cc52bda30045f829dfa7bb7ee47e678d19e18b612d5ec4c2eabb50ac154a1436b277dc7b5ddffe4d020d207a0755e1717332

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5b3c49f8e448214_0

MD5 9faedf172e66ab84f0225734e9e9d597
SHA1 97445053cef8acade341bc79db06f07f080c6960
SHA256 a123a92f0bfb9ec37eb725988c02738f5d6e835363afe3784e58d092ecce178f
SHA512 c3abaabab186c7d5b79c01f466050c2890b2c87556c6aa4db54eae838baf552707178006ff89d45b62b56ed56d65ff22571086da55340cca48c087c592d925d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\611811b3324ba8b5_0

MD5 a23bac6b1f8b25ec1eda491e39d0a3a2
SHA1 9e97569e69fef9af3fd0acdb143052cf69bfa40d
SHA256 66dbc58b9569cbfec07fc735e86c0e98af95b4f3fa3d285fab813cf6ccc638bc
SHA512 f25273036a0ae64d5cbda2489387a674785c2d74ea87c868d84e5d6cdeddffcf3208240fab0cd6271e0317088cfdb578bb6c1c884ddff3093232f008c1cd2d8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5bffd0b926f3c3a3_0

MD5 5357dd312e83ac862ffca0c5f40cfb79
SHA1 073af3035df0da1d540ac4a26db2988135f2ff01
SHA256 9502273370a556141d788b20475db2c05250c7157546603677305e4ea924ad1a
SHA512 17b566064ad71b2ac17e9e98a7c2a4f324a3921ecd4bd4c741f0719510dc2c3f689d1b0103fcf2056dec4aa5ee0f851fdfc5a4fbbf8d5b20b5a9f2751d74df19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bce7a0cec4e30e6d_0

MD5 bd9b401c6122ac4494f67bde716f5981
SHA1 7d4671674d557a5bc1f72adceda301936dbbf683
SHA256 0f81c85abe42848ffd559d39f8bc37143886e91023b55af6c571d916d3ad70c1
SHA512 4a922b141fa62eafe95382d4132128792245dac392681960dd999e8329b074805ee94e6f274b4088e08c3858bbb56729c5a890b815874640b95f5a299357f23b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eb6f70d651835ae6_0

MD5 a9cdef3af750fd884fdc45bbe55fa853
SHA1 1aa40b77fbe80b5c42bb7900122ad7c33f3bf547
SHA256 5d5c0731f29ad2f15790ae234684c7acdf4d3a89872724a2723377a9fcd5c1e7
SHA512 d98e3722f81fd039bdd807cda3a75067789f14c9b5998d97dbdacf5f3249b6191754642bac0a5f26cec12159c00d1670020c2902cabce14254b3b8c2984361d0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1e0365393a644acc_0

MD5 3d75f2585800aff1019571f34f415cd4
SHA1 7d76c1cd2f0bfb2d90bd2ec8e470843c122fea56
SHA256 c4e18868dd88bc642b39fc317c6210933739f84004b5573d79460ce9c98c5c1e
SHA512 d4c0e342738a4559cb2f1db5eaf1d7eeb321aa08242979ccdac28b24b506ccca0b4cd2f6ef2ee0f9c33d5c8e5d2987be0ced5d8fdfaac715d7b0fc6221df76cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6e9da99e936d66bf_0

MD5 21374760ba6b91db957db2f34a064fa7
SHA1 eff0a5a18d97b3ea82ca2165f8355083d0135036
SHA256 650ea56148ca7616cffccea3fae5fb669369738d6b447e792f4922c79ebece05
SHA512 61d01ca13da883f3ed97fd974b976fd477bc97d9cc1f98154dbca715b9cdecf4c472f9785298af7e19ad301d62e928cfb0303d275ad867569e252222f805621a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\03158d9548ecbd27_0

MD5 65b9dfd83033852783889b9e997a6538
SHA1 e0dd7a72a6408f3064d69ab6017986c700b98f07
SHA256 38eb963a524fe229f57b92bee6c1d56ca2daf64245e1f9a4bcc8779472a2586b
SHA512 a94647589ecce8a4b6779373f0bcacd29ed0f23c45217781cdb3c00de7710147dc1413d8a435b093e13dc8119aaae6a6c8d43f07201fa87cb15fa581e8a3e244

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1d4d37820f65cc29_0

MD5 19b38d4ea92c409c80e3a4b14ed4845c
SHA1 26ee13cf632694e2b8694f31bf68097fcd6d63d8
SHA256 c9bfa63f8971530f4456fe289bd1fa068b326afba117b4a449a41ad03c8f73a3
SHA512 72ba66498e1527576506cfcbd35760823012af7fa757174355da3840ce2ff4ca5f27fc600d1f360b9f3646821bf1b8657b02a8d42e05691b6e7b09c9696939fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3e8c447b551ca4ff_0

MD5 5b673a508fb439bc338e904acec7e99f
SHA1 20cf485b987d30d632216bbe5883dd7b6a6f4e1b
SHA256 351f0cea7411630f8f272759ac9dec74a03a4b485ea890fd00a1880f28b81683
SHA512 fabe2a67d042debad59d5c3604254d9a60c261abd59bd7efc8fb46482daa3162d5c18beee1578d65818c50827a1c2d79ddf8a8aef202eb579236fc4a5cae786e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ade44207b4253689_0

MD5 fd0d7512f8e67ae44d3f3d259e846165
SHA1 d6a9cf2cb02267dd34735ff2e858a9c911ce48bb
SHA256 8c3a5042ee93a26d31a631d26474f7892653d7700b743be8ae5436c417df6060
SHA512 63072a022f25dc7fa346194f49af417684c22cafdbf33fbef1366ffeed2832ad558b328d8a0b2717e793c5730ea009618a9514f28a9f91b1c91dc5c051476b72

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\42bc56ecf5f0a96b_0

MD5 080686790a83ed856095b798d4b24c21
SHA1 1f8331f70d903306fc34f3d50f5ac0dc4ae8c2fc
SHA256 7d6fdd03046ef6489a461017b564ee9fada8501ef1c30455035283f15c79971b
SHA512 980cfba276a8e6440ebb5e5530edc4aaef065c7a4c211e4592bcbb7badc41af50c9b48bd352f8ed01ff2db8773e025f79253f437fcbceb1ada1b864e55df2d1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3a3c8393d90e5773_0

MD5 b57933fad5624192820d9ec48725f12d
SHA1 0f02ca9f8e514b23679865e17cc1eca076a561ff
SHA256 81f908793839b753571152966bce44fde1020ec3cd5f3e280bb7c76da06a0271
SHA512 a36f91ec1982f9937d3ad4e794ebe1469629c78e8dd9f21057f6a925ea61255fb3113910e9301786d0d7733c162d87fa3a65debb77c9a1c76fb1c67d998a9fce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7116d760c26aedf6_0

MD5 6e13f29716b2c1c8b3e33a238a31981b
SHA1 97180b69743751f95064bbe338eeb980815f2593
SHA256 80f1fd0fec3399c818b86bf851d21ac79b5281f7bc55c82741f4ee031a2f63ef
SHA512 f04fb19f3f2b43bbd6933f6d91a9104e5db24d0c83e43cddeaab0c6109e316ae7eafe54842f7b9579825eb45be5c2e4e21504d9bd82937463503984b176dcc7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1464db38cba1193b_0

MD5 35657a9fae470a8a6cbca24f38ee0cf7
SHA1 4af567c601c7e06cb37ff826be733e83befa0f3d
SHA256 eeae4e473ccfd599fd9bb20589ff6629f669cffffacd41edb4399de40b9ae7a3
SHA512 c671074cc523b5c4972f7a3494bd079d6269ee460a7b947c2fa5b459b77a1ee86b209d13296410694e9d3af2b24edc547718bf8a16762ccd1de22abaf4866da5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a6b9ae79142c3831_0

MD5 4e4bdea5c36d446cbe07087f88bb3337
SHA1 44448321ce8808942bcd7f7a1b293606cbd31c98
SHA256 3a8e517e3a22e93f16ec177ebb03c7249f6858138a1e3f54c61a424603871275
SHA512 d4dbdb56a9a7799d648bb2ff31beda703404334db5041c5d6f06f819ca9da940351aa67f6f24881f9a923ebe2cf30d894702467b5cc9b80fae99059a61aa815c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c128eecdf74447b0_0

MD5 73ba69e4f98dc33961fa9ada4843054b
SHA1 16a875779a9a35a44568d27164b72516e7c027ec
SHA256 b2d18c96ceb647d0aae9b9fd0ade81edaa8f30fea4ae850adad8691c610022bd
SHA512 7adbf145b236910e17e4ddbbbc7e42657e05bcb8e6641d08dcacff0493297d9540af3bfe78af8ef99bae384d958527fa41cffe346b7008b7921a1b63ff4b90cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\94047a9e7e8ac3ea_0

MD5 7f31d31a2fbc2d698cbc5fba3fe2fdf9
SHA1 fccbdd859f6e5241f485bb3287279f39144ef1ac
SHA256 9cbadb4d85bec89b71e1ec5340bca0e04d2b46f1c8db02da478a2f0982c39c6c
SHA512 f39da07875b6d2cc5c94a18de9fa25a5ecdc5a024a847864123e464fb0b926b87643062ed027df5e24d55a4f81dcf7d0fc9bbde140c2e83eb3acd027995ebe8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b01044b2697539fe_0

MD5 2192a1945df68a54907fbf976f189e8e
SHA1 5a019da07ba6aa6c1f59139c09e4c721fd7872d0
SHA256 a8c50f6311424ca9193861456f6eb52bd2a205e8a8f448d1ae0a6f4fe6283133
SHA512 5f4d2aef43674896e4c9af67546b36e4ecc969936fb6cc32b3860ec16513a11e64035661ae0de5e076e705eb45f0464adb3d92a3c3f4d3829d58c20a0b7ae5f2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d063bed1bb0cb913_0

MD5 339c8ee6627a7a80a602dc00c7f01930
SHA1 f33f876e1e0b4c1c51a1461adf2f08fac089df58
SHA256 8412a4a43d7e8d7bcdf81c9a6ed1ece52559f316c39969e1db68dccdeabe30f6
SHA512 18797b89c91053d19f17873bbe85dc2ac38b8a7e62577ac91eb2cb43205ffa75cd931ffa66b2d277d75c4e298c6706cf0b18f2cc85731fe5135c77d2060c8ec2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c39c4bc05ee7afc9_0

MD5 61a18642ca7f311254c03fd10e21069b
SHA1 74483229218e846388a25e730125ee0c8f7b559f
SHA256 7bd7163fadd768de1ffe3eb18845f6ed7cc3c427879ffb435085a3885ba348fd
SHA512 a96127e60a6e634bc2ffb3ecfb97b26ed63591a58d4e9d2ada621521bb76e7ecb826424d70dd7c94cd70282f0981e9ae55b5f2fa87127e1e025419a189ecaa7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f099c5aa448c3273_0

MD5 f0970f632f7fff590cfa222a94fe180f
SHA1 fe86ee12bc55b6034b30cdc791dd44b54abf9721
SHA256 f2b60644a6bf2003953427a66c3b5dcdf6e00f2ae3c87269660d4f64320d9ba0
SHA512 2777f0d7bc0f969794f6f21c21bc8fb261a14b0ed4f5477ffd50be132ac197d0d47ef38debdaa5abdbc9a120ccf385b67641a71742c6780167cc3d33104ed3a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b2d9898686953e01_0

MD5 c7b7df48c161d220e2bdb6668c484933
SHA1 eef2a7187c1800ebf48c4de850e15882d6ed9ceb
SHA256 c09b9e5c1d8d9f700002cc9a197eb2c909a3ba3653381b7547003d3240a06a10
SHA512 be0823059475483d89223f799c0ec5d6c84c0f4d33787ddbf0ff8f7fe97b2338d0059b14fb57c666589f8b8bf1d39ad87766dbbcc2ff8e6672cd916061aa80d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7f9215f801fde18c_0

MD5 b8e55e202e7218dd31a7a8374e9acf68
SHA1 e632b7c284f137ae7dfcb0a72b973d06ebf7a82d
SHA256 fccf17d85deb7c4a290edb71fa3776ed7d93f22f8c21b7c9d8398217fbe67fce
SHA512 f17a21152c9cb10b1f3e7eba579af45d9cf64b8a05465d328e47c9db73ec1797211525a6317a54442234baaee10683dcdcae17de92c066f1500b64cfc455b0bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\73a511878b0a1e26_0

MD5 8b57344413fab14e9df1f111c2d2c8c6
SHA1 b059027804c818deb70156278eef573f4ca31d0a
SHA256 3c5bf01b0e611c76062cc728d2ffa08fa441ce895a057d9ec6befcb919620fda
SHA512 ccb1bc4e0d0487f98e235e7eea2d9c05736d0fe020a2bd255a0f28089b3a64d8dc380a1de2cab9b90962ce109a9071ca78d5b2c62c8d3ef9706cb30f6d6292b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\673fc05caa823a0f_0

MD5 9bf6efc828f5f7c66e168383ddddf02f
SHA1 e700d9b0c228bb871313f6314ee7363e96578b69
SHA256 8b766a1d1c10fbba36dbde4532d9350477d784f7c7a95805c1edbc7d8d910f0a
SHA512 b1f95b2bfc2304c474ac5e70a4c28d5b36d8e00eaace66afdb6646287f490b90d23346e0c43fedd100ce77463be414a31adbe34b9f05d432b1a36401b510eed8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dd15999e8ce5983c_0

MD5 951b36bfcac0d61ccc1ab0b6c8955620
SHA1 ddca832101ca99cc5cc96e12261f2f4e7b01fc34
SHA256 822c0292f2ad13079e408b7f34dab8ef9f6bff9c853f043267196a95dc1eae54
SHA512 ba9c1cad6621b3684133032679d7105f1c70bfca1075cbd2e061d32b1601a11db4039c51e563f05a531b63500124492f7db9dacb77b6aed263044fcee992f441

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f9236ea0294cf442_0

MD5 f66e075023f72ab390ee5be9770d3295
SHA1 1f80438154caa841403b7ee699ac6b5207470066
SHA256 62fbb234a908cf634909a87b97bfb343574f93d23d82e2dded45e797d380c663
SHA512 0106773e75dc021557c2ea8b93adc613ff18622456a5c0e486765f195a274e7bf9927f71567933d566343ac06ffbf73455400739d1c7ecdc2d7db6d9548da08e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\df6303258b5a9992_0

MD5 e70ac39f1160397a05b9772dbfccb1f9
SHA1 74635425a645920ed318ff11e424d67f9f3dcbd9
SHA256 fa3b6c9809fb7593c82471d126085750a6ce8208c99a8e396836e901bf766c1d
SHA512 411266abb5ca33ec572ba7e74e2026190a62f51600cdfeeb294e81639f5ea8aee86f915cc34ee4548d9cbb6bba406962b5ef9e61713f17605aed5c6e659b3902

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9e96d197dd7526c4_0

MD5 962c415aaae605c8e0fc7357585854e3
SHA1 74776c08fcf3118359ddb3befcda731722fa792f
SHA256 c4c6b86ee9262bc454bbb6fbcca4ebef8ebe07453f035c973a4aa3d1a8ad4619
SHA512 5b92805d1f34421aae54d6dfd6c15a0e2c67e023e95f15a25a83640cb6e0b733a3c007cdea012e9d5e1169026c2fd0499a9d581d4694842302ae9c4e18c8de26

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\505556e698f8ab61_0

MD5 ea321f9ad844388b251f508f0140bca1
SHA1 ae932092951e1135102eb38b2135acf695ecd461
SHA256 bdd1399fe286309b0a3176664354f93caaf724cd2093760726026ad6a7ab9db3
SHA512 0bd05c923af9a11a7eb14ce01f036f0d5be9446e8f46057eb0d31aeae1ba2c195dd35f09e4570ee144c783d487e2e97664f04436f46c534c6797cbf6a1be6ba2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\71eecbaaf9326469_0

MD5 aebf2b0fb3ac9049a00879c5f03e1667
SHA1 3a26e9622ff425d0adbcf734084154349b4b3301
SHA256 79744aba04c654ff7e2b306a4ba7e43b87047d3a40261a6a1836198137dc9580
SHA512 eb36e75477ea36aee9d7a9c59f2f1e082728e1d3cdec2c6af88a7921fcbc8fa872d05c09389bb0b7db66ec99520dc317fd622f1d02392ce1263359ddd91b6570

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\10b849d2c801896b_0

MD5 aae070a6ac827847e783eb163c274dcb
SHA1 6d33f439c291bef34010ebf2609dd5a33e0c87b9
SHA256 ada19d92ce049a156bffbd97a00c15876627590d0bc070d098db0de2dde69b62
SHA512 cb4dfda8544591396e4eca3cb22942ca0fbea84fc5664f2897e34e75ce64a5065699b3ffde7f7b03efc84637f69e174916c2adab50b7714cf81bf4418953ed6c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eb04c2a645bdefb8_0

MD5 8f6fa8764a657755704eda54da4ab880
SHA1 3bac249d92bdee9190711e84ff67d8c3fa345411
SHA256 a4ba6c45bd9e355200361f2fa18fc748f65e9bff9a5e2fcaba647623caac1da7
SHA512 6a1d679767ad68f7fffda7cd520b294c114e74d381576d2342e09a87a38db7c9bc08cefeb7dfb97c0d6e1453f1ab34b71fcb6fe01c5c6f4f9c63740a89110163

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fbb391511280563c_0

MD5 11df5d54f41ccdabd8eeb5a87e958b9f
SHA1 0bdadfb2c4b3b6aee710974f9c262dc18aeb7810
SHA256 baa0d10e5d14db36da3adfb426c483b1e8e0cfda3b1204c568f41b4823a3de3c
SHA512 d0684e877bc994913c05ccb6bb008ea9301bbc3f1f513c93e63225b01ae391f27290db0559126e15f4a460f4349d772a93669a89ed35c05e0beca668462fb4ec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\74c030fec6eb1f5a_0

MD5 ea2f59782fc5447c7441d09412fa8981
SHA1 26811a7c73049b8ac0158de0c89879f2dd1baaa6
SHA256 980400ee46cde517f59f22889502b30dbee1787984db4cd7103a429571c35b1a
SHA512 250a5915eafeb8289c05453d237825bafa88b6223a1a7614de63d83d6168587ffb550314f68db5d426aa3eb3ba9455c5eb1e9f2ed8607cbbecd629b64d4335d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\559f497660fadea6_0

MD5 b659bdeb72421f0283714d5839129bb7
SHA1 b96ddc8c04af63f7fb41c941b04c63887fe2abd6
SHA256 9be4b226ad2471d1692118f4bc80e150fbf809d9b9d7bc002646b2b2d1cbb38f
SHA512 3360616420b42b83d1c6b63e0fcf1366599e62e2c3d6d2a5a31a048a3f6367e97b10f7b818872264e7674d2725b8f954dcdb959c5a085e7285e9d654560d237b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cf2a30152d4eb1a8_0

MD5 48539902179f0f8461e5bb4f5584882a
SHA1 239dd56f7f5eeac3a9c7204a3fbb6cf508c61b7b
SHA256 cb5add682b6cfa94e4dddfaa7fef1eee4d04b16f08f6b7be5292444d5ac59a12
SHA512 a91861f327ef04e1293aef4d809863523fbe3513a166c77e322b59949b586427171e064803507fb32c539c7fd100f7467169255ef5c9095b5e7103f075a3252e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5fba9a69b89c6367_0

MD5 4e0a8a6751b6d209b54b1f4b013ef97c
SHA1 4903a73989dc7163337547eb5ab04733f4d4d178
SHA256 ee155eff94e676464842546908f00806160104ef7b384bddf5b9d6e5e3f70b9b
SHA512 0ac27d71e12c3c2eda0519e68b0fb3239de5a46d29462a8b44383d43aa45514ed0eb583f015237da8b5c682bc256c9c0f480cfcac362129d6094b06efc598c6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\367801523b948714_0

MD5 4022fcdc20aa02280ad7b2dd887b9fc8
SHA1 d2faa445eba7b1779a49fc6ddab7851058782770
SHA256 3fe2e627de83fd306ccfc3c70cb32ea7ad42be5b1bfe57540642792b1bfdb9a2
SHA512 c6fad8314d604c57172bbf115d5cd80af806669967db4346d21f1528ba703d4960d5533f621ddfa1a6ec60ba601f6504eabdd168f0cc463c6716f564b6a48314

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a7ced07faa554faf_0

MD5 5515dd11f5cfc47c069650d2c89692d2
SHA1 8111424226a6065a25e480dbe5a446dd3bc17024
SHA256 45b582dea8d5e864892277551e2045a74d0824ac266581e5028fefb33a8bcfd6
SHA512 af8dcd68777ffa05cadaa8768717f5df5af67c5f56c81c1aba685cdc1ce2672ff3fbe7aaf893173c4767f7275a050a306860aba6afaa0e86bdbee37185b77b4f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dac519eebb4a7a0f_0

MD5 506a0d7068eb92145b99faae7c7945d6
SHA1 ed60747d01144ea7d913ef1c55fcbef29f29c696
SHA256 eeab4d2f868a206384277702c6e0902d30662e26126fb373f4063feef73e4d73
SHA512 fcb7720cb95fb5abbf552159be563204cbf4f610a977ed05045d92f4a136506676f425486a588c6c7de0ebdedacc7953660c62cc8cdd2fe97a2c188c6ba13318

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\628643c40af93f74_0

MD5 626fb5d346db7923e424778d9c77a4da
SHA1 f031cccaec6c80147bbe5e7254b1d48032db4653
SHA256 e5f5dac26b944c24475099c1e06400f9187e75f1e53ccd20a4302137ea1aece9
SHA512 e642fe0b0c190d43859d65758b85eebae1ff77139f8eefcf8282c6ac8c6fc88855e75eced697c6a7f45ddaff1642f3d471794e3f23d32be562745834ca15b586

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\76d9a3765792ca57_0

MD5 72faa41b07167b525a94a700545173af
SHA1 d2b7372665d40aec90c847438daef1230956d233
SHA256 ef889cb1cea93b0322da21f761be745ece6192e79ac23b67fc0b7e6489e89ebc
SHA512 0177b2b1d96892cfb9aa4b3e36f34a9342cfd81d6572aed476b3b6cf7119ac6cc457a08d3a0e2b8845476516af56e13835feebf194c94faf68cbeac6803917b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\46a13eaeb331df93_0

MD5 2320ca6a4156bd972d525a4c5eacf70c
SHA1 86363ac38dd8edcae215e7896e860db94f442381
SHA256 f46f9fd6196f3eb152035eb8fdfb5e1f5ce2fd8f50dbeab3cf932a95ae6f3066
SHA512 5a13025f61841a4ed34718bdbc5ef264e42ad545ccd54b0f9e4d7a0f41bacba9ebbe9cea0ee04c0838cb5bc9029fbe2752c269673a6f1c9615af2d45325c4d9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c9822c34ba20db86_0

MD5 9055ee4eda6075ffeb713911e9174bc2
SHA1 c996b3ad784ad4f3e6d873feed6d5f377fe2040d
SHA256 72fea5a6e4bde340397ca2adcb9d1cce8ca5d06f5d885c623bc737ecc4a22d66
SHA512 9a6e92d255f11cb1ed0f0868bcc8ef9a4337382e4ad45dcad9ffba1c82dd769c74a447774c5372c5f38a24ab07b7d3d8e928ab35b9cbd20690990c39bcb2f6b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8642c2fbf3040ecc_0

MD5 9e50ab3bedf0fd0576cd6403863de94b
SHA1 61443b0825fd7d53382eb68b2483f15d30c1e981
SHA256 bd3636b5b4d2108ec8545aaea556015d450a3bfa73574cbbfb094ce81c781631
SHA512 0fa63e96debc775627441c9d7458b36f477cbb765ef2fd858223cc69e1219db53f7f2f2b2e8dd5c55b3346641b455e21ab3f66518373df4abd9844d75a4f558b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9441bb93ec653ba3_0

MD5 3a310c7ac771adee9ce7ead7a8eed941
SHA1 2efe041f72391c72f8cd77cda0b8ed6e40660b06
SHA256 ba038f3708ad054e56561809bfe97ef4e41d256730a9c508666353c57067544d
SHA512 17a959e7de17a01aa55c01b8f2745cf092a04b9ba7bec3df6393eeb96d1926626d40bae4ecfca4ebb541f2a4f38d1fc908f6d8c27fd50d51add6e7bee2f82d5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9d2cc39ec17df0fb_0

MD5 2d2065e3e62c94a5964c8b0e0e7e5da5
SHA1 5eaccd7e362c10dc3489347c44e8e3c82a108162
SHA256 502bb080d372d65f7f255ee036cbe12e486049cd2df728b669d031a389c229f8
SHA512 e2096a27cc341b29a17da1234c15e08f3cd40c84b4db1608ddbfba340f3bcd8b714bb226c256988dd09aeee87c3d0e144d85a3c12396ec38ec739e7b6649c79d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b592afa2ef95479f_0

MD5 1f050851b17766915bebd51896b9cb46
SHA1 049a272b7e62c80cff349eeae4c176d5500e4c0b
SHA256 10e6af1eca03b699f3ae481110191393ab26f32026f1d6515d4b14b5d073ce47
SHA512 1b0a9e2b058e0e048fc0187f2da4cc1c2b0d685230d171a581fc5656911deb81698d4c140bb32cfa1ca07ebfb2ae72974cfd6039e8437ce035eb982ba1bb5b24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6ffb967ca502d302b956e1a5b50640ec
SHA1 3d2e951b59dcdecefe0ef257bd0c2716055c403b
SHA256 10eb204baa7095159e40268a812c62cec6d19f2a751dbf12dfcf35afaf9e079a
SHA512 829e32ffaf94d89f7c1227e5271eb4eccbdda0bdf26a8fa1a5b47261d7d02e95962510ca5d10a5f78730cad21c3d7aca0c384be3c89f4f61e37fec1be8f85567

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 4e390a7c179ad3bc16e1e758f94b3bf3
SHA1 d915d531c24285497d92a45de40a96fdb050b9ca
SHA256 fe496a438e81ffb4804259848086a8c56e4c6445e087af9049c87a60704062fe
SHA512 20835c34c1baa433138938c112fcf5e98de060411b3bbd9520133626b672eeed0d99f937616a1d4a0ef3e5f37bb070fdfd62610e1e3b751db6def6e061c28b47

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2bacc88d5a5db15ae054402e858f38b1
SHA1 27f7ee375b35d1db7455ce02bf96a65364d10c63
SHA256 a2e10e70d3d9a5e18ea7515720df926ece0ff13e6a4186bd87f029f22a29f0c6
SHA512 0dbff0c1efceffd8c72f178c2857d2d1e55a86e4b35eddf0f04bb4c3619fea872e1598e6ee85eb9005d491159857846a04ab3e724e6bb9126ddd912eece12aa1

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 1ba436170fe51402b0e47b6c6cb8b692
SHA1 ec8264d0e73311521cb4c3956a790134edcad49e
SHA256 3054dca31fb3d83aa02e90407ae26e5cc43541de95dddbd39cf21fad26855609
SHA512 ad8eab743297b2079a7fe9656acc5953a8aad89e959eeeff4d8ead3b85b4ba9e7a62d17c310493b6d98467f280a2da471e42f4acde6ff70cb950bdb39761f335

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1012d439c8d20394f63bcce437f6fb47
SHA1 1e9f7a3eb6956930e4e12bb2d0d913a28e1d6d03
SHA256 66ab4f417ee260fb76a629b0be3ddc9946de644951642aff34dd64ddd59bfe86
SHA512 7b0812bb7bdb599017386977b2942702ce5cc42417b30b8b4e449f3eb94d113b8b0ca0e5356ab4a82add708da9736ae5d4ff725896579ec9fe27fba0ec1f5855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 422038b739d1aa0289681b10f9e7a705
SHA1 59f95529b3d94394fba00483210d1e1e4ab5d3fd
SHA256 8fd63567ed6003f69c205b75bbe587de479e0ebed6429f40e13b90c6134738a6
SHA512 a4477370e450cad5f4a8d96042cd30631673904b2faaf76a838e7e4fa242b1ca88faa8a32118809f034cca107355b77d712c8103eced60b09bc58f100215cba8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 eb572835f9101fc12a76773010b608ea
SHA1 6d25f0552debb86fdf3737e78d0b74e8f698c39c
SHA256 8bf0538bbdbe2a79b9b7f5745b5718c873fe63b387f08e9a33acbf6c353ee4cf
SHA512 bd94901e4464456eae2081a723f2e63c3f81b811ff19c63f8c17913578dd71c2c1554c36721ed7fa29c67978f1dcef61a4ce5750e99df3cff8a92301149fe6a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 63b9a5882fb5d773b3189452fc49a778
SHA1 d26c95fb6e3f85acb1a6eeaa23d8833ad40611a9
SHA256 113ee9a5ae2d2113d154f25e081b13999f514c9e486924fc8886a0a6ddee346f
SHA512 d6257f1d2d50cc66474e49e74bc3079f6321800a4ffba270949666c843ee266dc5960134ae77fdc27cb4874fa35ac0ab82d4c62f8aad198bce1fd5d74cfde1df

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ce1d21f38a9abbd4ed23bb6d325947d1
SHA1 201f35548000ff83e2a167c345568fcdf8938057
SHA256 4e402ada280edd8fd491e2392c54c5ac4aa5b8a3b726a2228444683192ef288a
SHA512 93ad928fa9d5f7109d7cf700ad17c3107aaacd19ce3582548bbe36e7096badd1c7f83c1e60f13c71ac21bf32a9a4408caaaf1308d0b5b0ff58bf390acbbbebdc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 11ba98e9c4449e98e04b94ce4fced312
SHA1 a821a39fae56b13c0e5b8504a7df747d65b58d49
SHA256 8aef4b0fb30782dd65272aa23094b71851918a4fc77ae33f2931321593480e65
SHA512 8492696aba1dc42e17c0009c84017c8dffe27e79306c386305f50e6afb5b2b71ae9a06845d886876d059becf2f581328f1c67eda82516cb3b624a6a0c1aaa4d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\27c6c37348d5e89e_0

MD5 91e11e0410899e8bbbf6b4467433f31d
SHA1 5fbe188e0beb3869cf4358712ccc916f9d207b76
SHA256 35495ca867004e265d2a18a4639f06f1454b60b510e83d37a4fbc7dc47b587bb
SHA512 6b054c323d815a92e4ecdad8056a7fd2f61e3df5854d963ec5d1c5aa7c1dd0465a8663c15af6e69af9b92f573d30429b256100cf9f35ce69cefa2769236dfb82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff3249ea979788e3_0

MD5 7c5c5f3061a42a753c2520bbde4ef7e3
SHA1 5ace9f5cf6eeae5e59ce3e74c494fb0c5ee6d9c6
SHA256 550d4313021d323b4b26a138921e84d6b6e9dc75256928e16c7ea104e47179d6
SHA512 5ffae97fb76563c4ce92b2f42d0668053e5c63735e27a41069d7bbcb3fcd2ace2ded6050329d64c846600d18f8b799ca9c6154b4df394c0a4cbb7e9a8152598b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\84ef792e97c5476a_0

MD5 9127c297fcc93730a7c92604e8983cf6
SHA1 42fe47fd2dae9870cc2ec8f801fdbf38d1cce3b8
SHA256 96d51deddd76e317a2a4d90e8b42b6785ecf6b51d067e27a77d2e19e4e43804d
SHA512 f3231fe2751348817a3f35385f9ed9afb54f965993055173a0527be474f6993a2e849d1a904025bdbf0751dcd2dfc447ddcf9e0f4ca6189fd2c1d3ea1df0679e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7b4df8547f7d8414_0

MD5 0363238096297557e8dfbafe96512c08
SHA1 60d8e9797e2a056f50ad595f28e68069c0105a8f
SHA256 3a51921743fb1724e47f33be6d2f9735febda06734bba3b36e46b86639e44289
SHA512 c585958a237b9523b6ab8b1bdc2a31822926358c6729c0296fb50fbff73afec128acb1371fd4f7a03e35a52af3472c80e721c9375a984a65c5654e2cb8fa2e59

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bebce419d9f0e83a0012c505d7888e24
SHA1 5ed1c04d21ded1c1a80fd82c5776ead89243955a
SHA256 ba34ea7fc33dc07472fff4c1a8433b977e386958fac025e07ffee7b207e63d2a
SHA512 60efdd1c9a00256587a83ec813b4d38468c498c361354d4a1b1b147e56072806e18f3b06f4395677696d294a33d39e03400a9c4cc2f38811c5cd364756bdbe38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 45346f5f0a69489fe659b209bed2658a
SHA1 d1d7df729c0f100294c6483c77abab468ee66161
SHA256 23c110dd0221c96af62486294cae95df0bbe51d17a69f60566e5dc6ef2d8092c
SHA512 9f3110f814767ad03aee5e28f482cf6789eefcb1b767525a85f3dbec2db6cb78c6715a9941bb63f77512318bc17bee10dd4f9bc3f256610c177bdc72785d2976

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ff188ae59dc8c128f17b6b54d2a0addf
SHA1 86195d9449f8cd9e1fbe31cfdb18a41502fd7016
SHA256 2373294f1827980c82683604d9fcec053b14c7aabe583575d169fa4582bcab73
SHA512 f6a62394afb86f9b4f4709bab2e9d0c7926d3bee343fa1591e6a7fc45132c23626a7dead0427919c1bcab8123332015e2da7d23ff4de38cb450f6516228e1220

C:\Users\Admin\Downloads\immortal_spoofer.zip

MD5 662648e35865755096a79b7697594b8e
SHA1 ed8011e08b7b008a91cbff2915d47fdd3d27ed8f
SHA256 d0d0114e8de1f2ea72dbaff949232e5e2f93886eea6d180b4a9b7cb46a1cb670
SHA512 d288f2e5e8f9953c11bda0a3ba804d68da85b15b6b3677bb24de963bbc94615edfe5e75e6c65c99fe2bd05f8b982a4f03419fa321a1ec8d82b58e218c06e8703

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 95c52b284c921ff0181f5686541a0c4d
SHA1 7e42a648325018f3bff5b55b1f013d0aed55c214
SHA256 cc8ebdcbe87eb3b36fe6d18581a39356d977b51cc40d01148c5b36e22cb0fc5c
SHA512 f0c060d0002baccf7b0e5ef1d6e31f412eda16841a9ba4e16f2a6779a87e5d1590dfdb7fbb005fd640e75481bf66675338fd461d73871be08994a719b292b460

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8c4c28fb5c481cdbbbc99cbdd148c49d
SHA1 8df5da29ed45c5155452a7c2f8f547557f395b38
SHA256 ad27478a03c464ce9f7c818147585b6421c8a2b5178d6e2c77f9e4a020827d97
SHA512 f65dedb26366b69c9d5320f2b102d33c6305755aa3e236b3afc1535dc3853f2eb68975fef32d320052d1420da924b4ba85df0c1f6596b5e9f8aa9b1eb3b00faf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 e59ef3c3881a0c8b0a815ad94e7e89f5
SHA1 11ddf4c2572ef7c36867bc6f3a13d925eb2b1bcb
SHA256 c76ba7d7f1ae18bc58b63757670f6129f4fe577b49c04aa41b48f005aa1fc93c
SHA512 f1048f4a21663e60c1aa5094439e5810a22ee9342f7d8032a85dd1a371b5ee7e8ca660cafccf018325ac2b517c148986283ca0767d90d7c8e512503c11639730

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\System.dll

MD5 0d7ad4f45dc6f5aa87f606d0331c6901
SHA1 48df0911f0484cbe2a8cdd5362140b63c41ee457
SHA256 3eb38ae99653a7dbc724132ee240f6e5c4af4bfe7c01d31d23faf373f9f2eaca
SHA512 c07de7308cb54205e8bd703001a7fe4fd7796c9ac1b4bb330c77c872bf712b093645f40b80ce7127531fe6746a5b66e18ea073ab6a644934abed9bb64126fea9

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\StdUtils.dll

MD5 c6a6e03f77c313b267498515488c5740
SHA1 3d49fc2784b9450962ed6b82b46e9c3c957d7c15
SHA256 b72e9013a6204e9f01076dc38dabbf30870d44dfc66962adbf73619d4331601e
SHA512 9870c5879f7b72836805088079ad5bbafcb59fc3d9127f2160d4ec3d6e88d3cc8ebe5a9f5d20a4720fe6407c1336ef10f33b2b9621bc587e930d4cbacf337803

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\SpiderBanner.dll

MD5 17309e33b596ba3a5693b4d3e85cf8d7
SHA1 7d361836cf53df42021c7f2b148aec9458818c01
SHA256 996a259e53ca18b89ec36d038c40148957c978c0fd600a268497d4c92f882a93
SHA512 1abac3ce4f2d5e4a635162e16cf9125e059ba1539f70086c2d71cd00d41a6e2a54d468e6f37792e55a822d7082fb388b8dfecc79b59226bbb047b7d28d44d298

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\nsExec.dll

MD5 ec0504e6b8a11d5aad43b296beeb84b2
SHA1 91b5ce085130c8c7194d66b2439ec9e1c206497c
SHA256 5d9ceb1ce5f35aea5f9e5a0c0edeeec04dfefe0c77890c80c70e98209b58b962
SHA512 3f918f1b47e8a919cbe51eb17dc30acc8cfc18e743a1bae5b787d0db7d26038dc1210be98bf5ba3be8d6ed896dbbd7ac3d13e66454a98b2a38c7e69dad30bb57

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\nsis7z.dll

MD5 80e44ce4895304c6a3a831310fbf8cd0
SHA1 36bd49ae21c460be5753a904b4501f1abca53508
SHA256 b393f05e8ff919ef071181050e1873c9a776e1a0ae8329aefff7007d0cadf592
SHA512 c8ba7b1f9113ead23e993e74a48c4427ae3562c1f6d9910b2bbe6806c9107cf7d94bc7d204613e4743d0cd869e00dafd4fb54aad1e8adb69c553f3b9e5bc64df

C:\Users\Admin\AppData\Local\Programs\Launcher\chrome_100_percent.pak

MD5 d31f3439e2a3f7bee4ddd26f46a2b83f
SHA1 c5a26f86eb119ae364c5bf707bebed7e871fc214
SHA256 9f79f46ca911543ead096a5ee28a34bf1fbe56ec9ba956032a6a2892b254857e
SHA512 aa27c97bf5581eb3f5e88f112df8bfb6a5283ce44eb13fbc41855008f84fb5b111dfe0616c310c3642b7f8ac99623d7c217aecc353f54f4d8f7042840099abc5

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\chrome_200_percent.pak

MD5 5604b67e3f03ab2741f910a250c91137
SHA1 a4bb15ac7914c22575f1051a29c448f215fe027f
SHA256 1408387e87cb5308530def6ce57bdc4e0abbbaa9e70f687fd6c3a02a56a0536c
SHA512 5e6f875068792e862b1fc8bb7b340ac0f1f4c51e53e50be81a5af8575ca3591f4e7eb9239890178b17c5a8ff4ebb23719190d7db0bd8a9aa6dcb4308ffa9a34d

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\d3dcompiler_47.dll

MD5 819fbcfe302f255eb6d37ff0b5a7d497
SHA1 32bdf0323877baed290f248dc57a24ebd59589c3
SHA256 39526097f8d9c7f64da30382a8f0d9df2c7a4a1b25878ac6223dc88274adb576
SHA512 b02fa9caba33705901c7d32ac42911ec37f9fbe67483bf043d131ef1b5a0d0975af0dde627a4fd7aaa867f8731d1338df26cc61d3d5dcd02767ea708e2575807

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\ffmpeg.dll

MD5 2cbd898c55fa332d3abda22fa2a0bf67
SHA1 45bd1e77b5b1a69c7d6c130f4c2659d1919490f5
SHA256 3a409117b38432380839f4218bb88503f7b2d5b4fb43d8c8d971939da650169d
SHA512 1c591afb596dc3ae80474f0050b0edb9deccecb77a880df14084d0a7109555edac51f9457d7e0c5170baf47d2bbf50ca41ef53a4db5d3b9c3bec0824f27168fb

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\icudtl.dat

MD5 063d13500ff586a7459e825293bda3e7
SHA1 8bcbd758ec82060d9fd65ddf4e794e166e32d8c5
SHA256 cf779ca7db09b012ca77c06400b05850f79efafeb52d27f66802a9fd4e466fda
SHA512 993ffa540ae11db88c8ca939a9bfc0120a4c74f3efbeebd26f4f03d11d9a9677751eedbb8a02ba2b9c921d4f2bc310c7515ffd942c871c45259e5ca4210e0e1c

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\Launcher.exe

MD5 eff176cf958043f9c1ce264a781cc6eb
SHA1 76f93585bfa619a372972a1d2805646883fc41b1
SHA256 9c580f9e14f1c3b59ea6c4e7f7d084e2cba57b725f510318540ac0ed19b997af
SHA512 00c6dfc5528ba96ca1457a7ec194755259df0ef5edfde5fd7aff992ea1a92953e70704d782744dd74647c3886b182b3ca5cc0271a68c6549fc9e12d675318a05

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\libEGL.dll

MD5 7db25d27ba305be50f70bbd947d51bdd
SHA1 550b2020d897a5f54a31d76253112641d629f7a4
SHA256 c5c4588f4937ff8dc82d75e461a95d6da4b6a057e57c1874b2d488f832b4d002
SHA512 61c47f1ae5d88bfd7f160ff496d6864d683664d7707be044ce41f82918b734cfda858c159a2016520ee05f7a2528bcc8e9f9d48b5e0d499538811f7b6902ef22

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\libGLESv2.dll

MD5 44db76793ff6aec13b9b445b5942a52d
SHA1 d4402bf2717016b71727e39ca70d8730cceca862
SHA256 ecb315949b05b30c0bbea8050431fa163843f74e551591d34dd2d11faaadf0d4
SHA512 44d0ae8951de75000baa513de871e7ea98ec18bd2d461dc763c5d6a98462cb1139a4426ad795a6088c5289f0b8d6f81e7287fa4f4f8d31f885aab6f5a13caa0e

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\LICENSE.electron.txt

MD5 4d42118d35941e0f664dddbd83f633c5
SHA1 2b21ec5f20fe961d15f2b58efb1368e66d202e5c
SHA256 5154e165bd6c2cc0cfbcd8916498c7abab0497923bafcd5cb07673fe8480087d
SHA512 3ffbba2e4cd689f362378f6b0f6060571f57e228d3755bdd308283be6cbbef8c2e84beb5fcf73e0c3c81cd944d01ee3fcf141733c4d8b3b0162e543e0b9f3e63

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\LICENSES.chromium.html

MD5 8d5b254528e6281cfb98d3be986e4fef
SHA1 8cb7e78a7e0c3a052d0fc5c1634762cfd977f9e8
SHA256 9b85ce9c5c9d2c495449dd5ffdb2c21e8fff04e1a7d2a03293f6fa2699a8657f
SHA512 37f0010265289fb41d30bae94186e42c07b57ad58d23519b280aa89e77c9e2e543376ae1080c5d9e8c709a4edd942671760522bd0fe1fc0c45ff6b4c7f70fe99

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\resources.pak

MD5 d9d5aece7ee5ab670292960cf7346126
SHA1 e8ba38ee4c6fc223402496e2f02320f067b2e6fd
SHA256 b870a62f70ab4f777bb051105488c788f106d93fcd1a392bd98e5bbcb7251f58
SHA512 b6db6c6c1a6e9e3c8df3e948cec1e5dc452932550941972a2e36f7d109dc109b6aa31a0e1500bc6502fea654c625e008eabe2959471b46e9a8aafc1ee7890287

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\snapshot_blob.bin

MD5 b82ff216a0babf602940759b9a3af870
SHA1 07e8a22dcf8d7be04a6ddbcab3098e040494bb0e
SHA256 943b27009d41801c5a649caf680e32d4dd25de002787a4ccd86b0925b3aac3a5
SHA512 da157570afbab7be135f7749df7f4518df1452ea24f98d8f5189430e732ad06ed438afc701cb70451bbc7137b5f35a0c5957df92ecb40d47d54c1071ea79fba1

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\v8_context_snapshot.bin

MD5 031ea03da08fe1247280cfe781658791
SHA1 e91db50ad16b5a5fbbaf4118672d60b347ea6161
SHA256 c16dcec41919a6d2850214f2275824be8a97d8c5e694e2ec8dd7d16ab2d5015c
SHA512 b3d6f282761f8ab8760728ecb108f64741f6f3cd2a143813042ff63a3b6604fcfe7c1feabafb65f9f67906217edb5851f44605a34f7a50ed2058c25ce5efb30a

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\vk_swiftshader.dll

MD5 8bb5fe3b0efff8c1c9dc70d26ce4a842
SHA1 b5e6467e53189a8f48cd577819a52c77ecb07247
SHA256 8981534e7c4c692b8a33fb784270cfeaf40ed7dedde0871c68aea1b0381f0e7b
SHA512 26858862dfae9717a5001ab5e6d310a880ba6f13d09b7f16dec3d77bf7e6e9fad670c012d3b9990a368f3d748a8921e7f3960dbb7d7fad1cf97c6299b7cd5cff

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\vulkan-1.dll

MD5 c286e1191c5b91130b6d16e23cbd44f3
SHA1 8231664efdf30b07ff0dbc6b6f4e4d46ec574de0
SHA256 8d4b92d08f42bfe9d30362b9cf671fd6ae3166ade44f94de17dfc531393b66cd
SHA512 5cd07f2edec7bbe8684ea291a9d1dd3709f6a25c55fda3d92938eaf9c3b047ec481e3e7f3fc64973f6833422ab5880f1318a15afa666e2dd207763c7d3822bbd

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\vk_swiftshader_icd.json

MD5 8642dd3a87e2de6e991fae08458e302b
SHA1 9c06735c31cec00600fd763a92f8112d085bd12a
SHA256 32d83ff113fef532a9f97e0d2831f8656628ab1c99e9060f0332b1532839afd9
SHA512 f5d37d1b45b006161e4cefeebba1e33af879a3a51d16ee3ff8c3968c0c36bbafae379bf9124c13310b77774c9cbb4fa53114e83f5b48b5314132736e5bb4496f

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\bg.pak

MD5 56a5819882196e151ec3df76c6492e54
SHA1 011a72188c91265511222a8c5074cd94c5823869
SHA256 7e052c81ad3de168d80f9343bde9eeb33ee5d903b6cb13058e0df3e1cbed4a74
SHA512 2ebd808447f2dd8169c1d1dc049f8749dcf634684e7793f86add1bcdefb5793d98263b46b1e578ad971c2a65ef7704c14372ee8d3646e2e79f93132b6e31eb87

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ar.pak

MD5 14b9981f3f67b6ab1707764ad71d68b2
SHA1 dfdf09fa15a755ed31d7bd38ed95f9bc761bb1f0
SHA256 363fca654f804c741ae23e5c4c0f67e82e7fb39947ee0099ccff6ec5b4ce2265
SHA512 c42d33f27d87d731f367686e649143bed79280ee1807603839c9e46373707391c75d7f30cb47a0533b6b2075f8b855ffccbff728d39b4d94548f36a6567b77cc

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\de.pak

MD5 8569900305a5661573f7766b93909f16
SHA1 3529376f54e32c17447b065d08c77314c4db2ec8
SHA256 068ba3e34e7f253fad7dc526b1078aaa969bea044d48171925534598aa8becb3
SHA512 d544febbe20a9bc5cf31f79f7ef74c1a742cccc99136e9828187c9a643bd0317c7cc48706346ee1a3c9eda8984be9c8606e9dfa7a6ce2cff49db2d785c2aa1c3

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\da.pak

MD5 4bccba46add5ebaf6efd4ade3c42aed9
SHA1 e48dcc2de930bbf0ea8ee7b735ead321dadb5be8
SHA256 2497368658a988e4eb3f64cd17423ea04e7555b104d43c8996c0ecbbfed5f74d
SHA512 e2059e2a7f80353981eef6982a7da006fa3753aeba9aca5279eef71aa2fa4b7adbf9cbb17c85b8060359f9e871b1a5c665226f8d3b8a6fe49f908fd44e1b46bd

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\cs.pak

MD5 ff919631102a3a9ec635b3080b63e305
SHA1 e43b117ad5b2d5b373321ab0ae63dd4bc1352a89
SHA256 1b8c3add009028eb567b0094759daff29b7861e11d5a9d864071012200e9735a
SHA512 21833774413cc71ba9c0c592504ae6288e3c8ac4e5d1d62768f4b3eca09e90009abec5e8fadcb4e7d63b99a522ae48fd608aad432eb4165ec7021c8888ad7df1

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ca.pak

MD5 0312c87b6436e733a037bfb3084f7550
SHA1 e3f30b8f3bfc8ddbf4b8f85f845733ed5ac8c632
SHA256 b6c895fbca90c36ae2cfefefda989922162a2cc259603fbca066f0cfbf43c4ff
SHA512 24b7780211b9dcaf7cbe3915851c7b873562e0cff022c29ca1b4e159b9da152b517305f81dd33712a0224fc3b77e594405e432fe5eecf29b7a4f83f441d6905e

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\bn.pak

MD5 fac2c752c57175a4b1f4630e3667123e
SHA1 a2dbcf1dd7b3cac499b9f782c7393ab438039584
SHA256 71f99a67bb310fab8068eeed7ce24ea7624a66051ba4e719d051cc7e67e78001
SHA512 4820704bd92dfb60736da5b84c8bc9135fca484c678585ec9d26dcb90632e382f354d03b539599f4816feb027dd285ff06ed8a520bede56d7a1c590d942e4250

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\am.pak

MD5 a2a17bdd83467a027505bc817d1ac028
SHA1 cc1266a22606a1055db9653b82e90c9d1f551d44
SHA256 f92b0299185d963337e96df1016e1cf5ca335e22ff86568c1a6507c3fea29094
SHA512 193c5db0a30a3c8ef5e8c821cafb9d0b5671b7e7821748c7b432e927bd4638ecf5bfc1d99721ce89fb3df4f6f23b5e55d753430e8ef2bedd1e1633e613321028

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\af.pak

MD5 198092a7a82efced4d59715bd3e41703
SHA1 ac3cdfba133330fce825816b2f9579ac240dc176
SHA256 d63222c4a20fa9741f5262634cf9751f22fbb4fcd9d3138d7c8d49e0efb57fba
SHA512 590dcc02bc3411fa585321a09f2033ca1839dd67b083622be412d60683c2c086aac81a27bc56029101f6158515cc6ae4def39d3f246b7499b30d02690904af0d

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\es.pak

MD5 4ca91891b2d4670d02931f0ca84e4744
SHA1 85f6559b09c80af2575e3b7626842c10081e188e
SHA256 85fff1ca6bd2527073de03fa77dd013db2557a57cce1fd370caa2b185abb9336
SHA512 83eae7ab2f03598c657786bff6171803b6bbe2128d1a5b8a01d9a13337113632279712dd8ffcd3b707fa6052a936d92a57cb67d848c77ee291e75700e29f2bf8

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\es-419.pak

MD5 02452424bb0cf6ab832808d04883f147
SHA1 a8e97ee52f3d97c1a4c678f7578808416e9fac65
SHA256 1b23cda69927c77764bda121ee398ffefcf5edcb5866432aa3526c378553c9b5
SHA512 9e750b26ab40b5f1c075acbdeb15a57cda9e6bd8049488cfaf368b5cbe8cd9b6e5dc96130e4137370c90bb0777b97515ea2be0787e255cff750fb7e188e22ab2

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\en-US.pak

MD5 3f6f4b2c2f24e3893882cdaa1ccfe1a3
SHA1 b021cca30e774e0b91ee21b5beb030fea646098f
SHA256 bb165eaa51456b52fcbdf7639ee727280e335a1f6b4cfb91afc45222895b564f
SHA512 bd80ddaa87f41cde20527ff34817d98605f11b30a291e129478712ebebe47956dbd49a317d3eeb223adf736c34750b59b68ad9d646c661474ad69866d5a53c5c

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\en-GB.pak

MD5 502260e74b65b96cd93f5e7bf0391157
SHA1 b66d72b02ff46b89ee8245c4dd9c5b319fc2abf7
SHA256 463af7da8418d7fb374ebf690e2aa79ee7cb2acc11c28a67f3ba837cf7a0937b
SHA512 0f0f9aac8e6b28c1e116377ab8ee0ffadbf0802a4026e57aedb42d21c38fbf70159be9e0314799c1de1f7638fbbd25d289dff7cd2c9eb7c82e1b62b6c4e87690

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\el.pak

MD5 620cc46545d04f4bb05652f42fd7744e
SHA1 df71bbc5adfd264722f6d49b96027b22f7c94412
SHA256 085bbdccae5474f7446148e52c9e0151cfd8471475e85831637db207a091ecb8
SHA512 f37cf4d073579dd982240bd44ff07ec3518d2ab64ea6f644352f16bae4118949bf805c243db86c7c6533e5d1e0e67c35439ee27c5c1870631574cd4fe656d845

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\et.pak

MD5 74eda453b23793ced4480ea7a595fe44
SHA1 76964af9c8024bd84fa1d89f60784e7ee6569350
SHA256 e2d38131a5ef4b0e8438f45e8c74c56bcf666760d4682120c8071c9220230555
SHA512 e9928cfac01f10b040c74e63242ffa1f7f616d8598f49f0aa7ddad063e18666cf5649cc65d00b3526526af8a7b46ee3b3655da22adf46aa44c0c6a1c2ac4dc7b

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\fr.pak

MD5 a7c88eda9e12b6dbd432c544767acbe2
SHA1 81f1abe537870f7888431e820b636b17b5213835
SHA256 a4d0e5a39241a6326143afa4c8ec881d6edb0382c66425411881946f98e053e0
SHA512 88ca203256aaaaa26afd4a0aacb6fba2eb41618d09df6fc6aaa80ab8d699b30e73c373fa75098b1ec4912c042341dd1c79ee3d04f98b4bd59a44481d350a7988

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\fil.pak

MD5 0b7d25d70a2d94a032b7ff7faea45a75
SHA1 d9d473b2ea936ffea4f751d8716cb03407a95785
SHA256 a737a14f84b10b2e3c9ad4d147b430fd30c5ac0e125d5aaaf1ea19b0507de5af
SHA512 e4dbef6fae4cb56c3cd7bd5dbb239b5136eb2534a17cacbf628f5e5d77bfca924580ad4e4d0ec580ffaf94d6e1fafad58e9c5f472c3a3ff782702ea5eae2aea3

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\fi.pak

MD5 fa7dbd2ee35587ff31fde3c7107e4603
SHA1 baaa093dcb7eccf77ce599c8ff09df203e434b60
SHA256 5339b8ca52500bd0082e0ba5a5f440c5f04733803da47963280479760c7fff2c
SHA512 587f6d0e216d1688227345a8a75b94848ee710ec633fe6805db66bb0e8cad1b8d24a1e6a7e234061516770d881571166c78d8fa1c40e6335f3dcb1339fbffc14

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\fa.pak

MD5 d0694866c0cf2c338d073421c6be9f1c
SHA1 4338739df90e93225c3af033376dfdde9e978670
SHA256 46fb692141809876c5e6e7f1795f080edf4cde5ea73241b95f19e61cc1dc52ec
SHA512 6c9f839ebbb688ade9f19377181f593671d8058baefdee1f75109ff8ca0dc56ff69e1435aac5a07e03b47a2ee42ebaf81f837b18f1e2508548309cb5f7f1366a

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\gu.pak

MD5 db4b043576a0b8c798cf28efd34b6e09
SHA1 0578909e777b9a63398b5d021a3406ee791c221b
SHA256 fd97400048bc7c21a9d18715cf57a0e25056cb79b4d34b61e9c28c6477151660
SHA512 79f5273dc69d4e30660bc2388f8d9962a34ae0b3268cd9bf4425ef666eb05c746f2b4c61b7cfbdf3f8715154c88a12fa3225fdf2b93c2226e2a16a86e23f4ab3

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\id.pak

MD5 881ff04e220aa8c6ed9d0d76bfa07cb8
SHA1 cacf3620d1bf85648329902216e6cdc6f588a5ba
SHA256 9210c4c4c33e7ceb5f70005a92a4fd36ca4facdd41701fdc1d2ce638db8adf22
SHA512 9134102928aa80c49bbf2b862e8079b2ee23636ce63412a4c3813f234d623ff563f5ca1ac407ddb77cecf1224896ed59ae979dcf63435d35a4f13de9c22755d5

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\kn.pak

MD5 de5714e238687f8bbaaea9ae7c6c3df0
SHA1 a56ec3aaddf5be23d9afb4315cef5ea90237bdd6
SHA256 9e79b868a325d494819a30e5b5e4127d0925cae4239ed1bd016fe6549f090a41
SHA512 572f4bf60d8814cfd8ebb653aad73c6785b7e29bcf6ac3c85b22f039fb79099d0c197083bc22d6006ddb88bee84faa584f9f6be7a25a97b3f5782307ba636db1

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ja.pak

MD5 c294012268f9e611fdc2904be57e45d8
SHA1 9ba4bd190ced7ffe053fa74071fc5836bdebea53
SHA256 21cd7ae581f6d0c19e90ac7df03d7dd5305b882776a1f091573f824bd28514da
SHA512 d16653f30617e52a040c5e033896a71055fee9992e54ffca5029601bb62a41b9685a68655b9c8bf7a7ba54a914836a0f7a49cccacae0eda180a6b68c0471a268

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\it.pak

MD5 6629c344b6e5ee8fb476522627b34221
SHA1 28335e3c96a68a560c68756860394a0a86c21870
SHA256 e76c3f15529fa7cc088dc32903c6885f4cfa170a1e0144710b05965f3210c31c
SHA512 78ca2ebf40d6cc3eb7035cca78364be63b8eb69e27caf2cae57e3489b39a9e443409e800fd95e1b646d37655c37ee8a9ae1ab344b506cf65f8603a6a3ad892ed

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\hu.pak

MD5 eaae7707ab0541ca1cd597ca8ed32f97
SHA1 3adc207ed214985a991cbc078958c60f18d3e2a7
SHA256 dc40b88b816433dbf8d0fab5e859e223ed0dd6f8913dd1b4244c39f708058343
SHA512 f1e9f47e92f01b2e1c02e85509458ea0d86178f37befbe3521fe7a3ed92353135818b8a53c658a87a54d9888adbec41196a4ee821f70e997a6aee1a27095cc67

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\hr.pak

MD5 7dbd4a9de6e30de028c97a7d39f8038a
SHA1 18d68f37b3c5eea3a2fe42c4ab1694a439a189c0
SHA256 e1c793e08e062043cc65271718d9b21d5742729dfa2e076ab012e8a008d06c04
SHA512 a18c43257d26380ec14ae0259cf192257fee0c6895b82240c3b41c5d6e8bd6f8023cb39dc2da0701bbcf05e8eb2cd13c84af971c28c94099a6d0ea02ce745ddd

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\hi.pak

MD5 d726b47b17ecb120ffab919839f1b0a9
SHA1 785de6424f63734804b56232f1195e6debfd21f5
SHA256 ff305044e5dea2c9be13285f22dbffff969363aba121aff4a22234165e83b5f4
SHA512 a7174e49b5d39e1ed68755c98992c61987c888f8933f176e7585a938a692d602345d80569ebb0f707ab1ca6e22944c45a5448edf57675e2f36eee8ce16669604

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\he.pak

MD5 7158376838576d8c4a1b217440af6298
SHA1 598136bc5f54438d9c58f3e0e5f6de110ab668d6
SHA256 1871268d46b6c6868f96bda6e70dcad75e65b62229a53874592575e18769bd86
SHA512 e1a0da693fd2d3bb4f2d6013506ce5172bf53588c04f27297c2224a68350f2737ab01ae91aba5969a453a8ee796d99cff083b0fbd8caba9ea2fd4ac6b704b88b

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\mr.pak

MD5 eef2f03ad3c34e075c01dbb181628c51
SHA1 13e8effd0281a547ccc4d87dbe5e35a2da45c696
SHA256 5917997a6144b889aba0c957bc61b6fbc4a9e4cf252e5ea5492c63e097aed47c
SHA512 b1027c65b7f2d2d4223536cefdf8d3c8c85092388c26220bfca16373ccc8d06dc3d68d56c1b9486cfe3ab8b7c354a39c5f33731f33a353b66b8fd2b1396600cd

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\pl.pak

MD5 f7813e5d9b62c1ffffdae1661dd6f288
SHA1 f44ab4202443f41ffe4d1693ccb5ec81df2d4676
SHA256 c4e7e3bfd8ec4858980cfd4ac61afa0367239c72133dbcb54370986111ee54f1
SHA512 6b2f0c192b01390e3bc40f50751ebfeee32dc9f9a2ed8d7938ddcc89f20728857b93c1287e910f4d2d21091613cce533a17818d535cd997060cda9e88a51da0c

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\sk.pak

MD5 675eb9e678ae82424065b9dddffadfaa
SHA1 428d15628f3470d0863faf07d39bcd6341806996
SHA256 022ff93bebd6b5c4d92bd255e066366f3f4f64a9312d43725cf7dbb9805f78fe
SHA512 55d387e87c68d9ac49cc9922d96ad30955ab8025f76a300c97649a012f703bef68bb04e0ec8cb1762f8c49021a33541b6261723de85f044deecee20127d1a800

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\sr.pak

MD5 fdf9fbde9fc2100ceb288c4f6d622cbb
SHA1 47878bac9714d93ab969e9950246c1f09ed61c73
SHA256 ca9fa50010a60126ff4f2f242e859a7bb6ae6623382c22c29e35ab2cb798a89e
SHA512 ba901f7adc6571be8280e00e38d724b958d229edb6b1a906741252104af7227f82c43661f2aada913a8c0ab1da8d082e5ad2f27051361ec0b0442abae25534f1

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\sl.pak

MD5 8f268fa4d447d997f5badd116c814ee3
SHA1 df9a721333d9dd3a8545085c9d42a3ae373fb6b6
SHA256 60bc0c36218fb293cd50a4d719333bdfcfbe9b0f9572be46f9d43c6aec0ca2c9
SHA512 27324e7048f286d729971dc2cf7af09ad777ff46d2d201b0521dd9e375b686f980e501b63a655c6c8e8ada830185bcbb916f220050efb629c72ce98a298c40eb

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ru.pak

MD5 10684dcbdc55f1cc674d9317e0da7887
SHA1 8d6447b754392761031f9c5467b632ccd179b5d7
SHA256 ca1ad2092787b36f31b9a856d5261df06e7a492b7405dac025e20b0cf0962661
SHA512 9cbc5ecbc2365e7dcfd8c3fcab3ff8cfe575ecd28f57d56eea021180032396c9fb3c22977f5c1c15adf51462a3fec4be97dd405fbe9e955d842723afe5ee8351

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ro.pak

MD5 6d0bdd8673b1719d8a8035ad51f78fe4
SHA1 ccc7c98d60327b60fb167bf3415b61023a1dc79a
SHA256 973eec9de965cfddc06da9bc3eca6eddf49348103d425181959a9462c3196eed
SHA512 59a459d604397110439b3607cb7fdcdbec5033547186c47fc0729a2d3638c9b8352e3c23213026c24c8fc2411cedc190dae84acb61f0ddfef0f789fe4c1dceb8

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\pt-PT.pak

MD5 a3bc11c7bc7a83043d86694a38d6834d
SHA1 a6fcc233e99f9273fc2435b4f65c196a069ed0fc
SHA256 f655c51241193911bb7a07c964bacc29a9754911ad530a94dcff254284f8c700
SHA512 198bb9eb7c7db5523ba1919f4b0c0270b99e2647b8813051049b9aa26b63e3e351be6fb20a56e220eee196a82e7b0f6f479774ba77b6ac5511a7d630c0d576e7

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\pt-BR.pak

MD5 de08a7fa1158c8e43717f551bf51a2cb
SHA1 6cd32a14f1b3cc46386f5238c4e4b5538322c69a
SHA256 c025a4a2384b142f49609ae50041a1de45379c2d9aebfa6dcd349b997c4d60b1
SHA512 98f7a393571da0b19dd0dca6ffbf5e9152c043c989be218d7ba9aae81220bda722d1991e92e11fc6ecd8de4a70adfc3ba4005f9489fcf4687804bf58a1748510

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\nl.pak

MD5 f46d130db4509165c2fa625f0db22885
SHA1 d4bc317dd37c44e484a76f69c20227b5899f3eb2
SHA256 2d0d4efa0e5b336402862c187ede08899070825c41d1006e06f571e58118eb19
SHA512 356db8cb36fe5e081f32a06360118eec8fe2fad5882931adf0dbfb5529d81db732bb8a8af0571aee7e0e668482696e3f01d2995f47cef5e6633bcbdf9dd52fe3

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\nb.pak

MD5 bbae0915edec081b04bb903b689bc40b
SHA1 6a0fc635ce1c431e512b8b3b8448176aa4025556
SHA256 d565c6c95dad89d3f2b7210de4ec3fc437633de4dcfc994fde0704b92bb53ff8
SHA512 573a9fe43213829a6a4b39e67be25bc330b417750ea6d66e26163de7a80c29f6f5deeb841d9ff8303595943a81fc01ab668aab02a5cac4eda078ed06120138b4

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ms.pak

MD5 6de7b004a86967a3433545b3b38bf89d
SHA1 113bd5b28dda669b27c798e0b46fd680f3a04956
SHA256 ead5a37549b98d55839ffcf0dc8f8201d37d71968ec9138fdea79d7c9b79549d
SHA512 239c4acd2c0b6c08fb92fd95b89a302ddefc01ea843950a0247b7310c2b024383ae98286c2d4b83b99833452c41b386e047b2ef33610ef122fcf2f439ef43726

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ml.pak

MD5 00292b0801e0dd0a74091bf53f1574c9
SHA1 63a002e7a8796bc4b4459a19c95ce426fbd1ec7f
SHA256 61a372f170de0a22712be980c3c78b22035ebf40ce79332fab75cdcc4208c9e6
SHA512 e2e15f66851aa435e3bf4de6672f4aa8b01204d8efe11ec6ee9a51d9877ec4f2e71d7e9547d6eab9bfa04af1bea71fa72aa4963fa08b48717bf1c3fd21c00cd5

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\lv.pak

MD5 cccbd7f8a0c34c7094ce4d7b8e7e0588
SHA1 1a08401e2dc8c59200c4ecaa1886b43b6faa6979
SHA256 7467360f9addd4d8694e1508a6ab3a3e00dce57e5897d5376ad27d8e651b23d4
SHA512 2cc43437f1cd8d5fda0e95e7dd117c9b82e90cfed58ad8f492f46b4634aa01cd1b0ebe39377231a0828fc1ccd39641e4efc2f1210d629f9aba12ea9048accd95

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\lt.pak

MD5 7b6bf901352885c0699db71239b7cf24
SHA1 9e3ec5f327c0d0e54a449332061e60a8c79243cf
SHA256 9200a9509bd77834d9912f4ba8f4219d2b9bd2cdad49a11873db30e99b9d1350
SHA512 79ebef723fb4c17581eb869b4b4e1a364a3d28df0e168e7e1a3583e0c1ec5b9716dd270925c0545b8247421a64b03705f10910fe3416900de9258840c470d580

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ko.pak

MD5 ce19dea7b7d0b9472f99427de2b307f0
SHA1 9c84dbff9927c052dcb9818ed73bb272abf9054a
SHA256 586f34de2c7bb0e92fc376f3ad962bf9bae1a768398459d39f8ed06b59d8ccbb
SHA512 9a6c84ef9bb03be9ce96948bea94ec0ba83ecbd06ed648acab9d6fd27c1ab85f011a5670591da6256781dc147fc234d627cfc4bf5eb29bc2c8bfc84aaf89085f

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\sv.pak

MD5 14ecf7684d7987950a9655258d3a72be
SHA1 b1506b3b4be332081dde72bf54a197b1ee0bde66
SHA256 690a83bbefe1e97de5d2c1c0791707e8ddc3414a12cf30b79329fa5d21840d6e
SHA512 fd9d36c63b00bb1caf6a25f2c797f3a844395f16016a9010819462d647e8e759fd8887e5eae3ef300871f4abef05f4ceca9edb5b30ffdd56efeede9c75f56e30

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\uk.pak

MD5 0d9b7f3ce815f7bcfd63ee3492350d52
SHA1 6138b5dc296cf406b2314b8b797f9f96de2b40fb
SHA256 b86358579a9cec015c996c6ae862ddcb8cb558f30eedd0d0b9ef3cb18c3cc130
SHA512 17d874849e5eb17bff2ac98c8191f9f38a07a66eccc502122c0ed2bdd6af94eb17db1b0a2477a75c1fd4f3ed00c76b1818eac5bc4093d92eca0d0a5323718cc0

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ur.pak

MD5 6733dba4f3f0afeffc40bd87300b9d6e
SHA1 610aab026d25f2cec6c636fbaee922c099d26ef2
SHA256 d0c8ae8f4f60f04d4eee8cc639ee3b52ad073f5c9ee6fb84c774eb855fd51e9c
SHA512 40c1cb7be3709bb6ef01a4e66bfd85e20641020a800292a2a14f4cf188242aa0b8d42cabd0f323acd3d2f257243c7dc04b346a39475343c761af7a1833c3366a

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\tr.pak

MD5 0662e2b67524444e843d0104adab0b7e
SHA1 ec39112f57e28010295398c24c6a17e60a88fd47
SHA256 e8f86dc87dbf11935863efb3a5af8213a97123889019e98a7ef313b488088790
SHA512 6529083d04e777be3cdaa14f06bb6b3a3d26006ed9d067f7a1bdfcf669856cc6340bf0caf90bbceb75666062fac1bc02ca2d2cff94c6ca5627ccaece6f973a65

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\th.pak

MD5 d34a2993eaf0ee6bf65c3729baee426d
SHA1 d796911e57c89b11a603c645dd0e32aad7819d75
SHA256 7870b92c64f7776c469b4d19be8881ce30a5263cc8287c3d7de573aed43c7dba
SHA512 eb2f4b3cb7741c996acbd121d0c69eda6cfac6bdbd7b8036dc6394ed7e49c9a45641c7983431b5f8c5db685fc7ce958e7c9f5e79837b381caeecf009f79ca4c2

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\te.pak

MD5 28f500e12a7b91d91d8f99395fce8332
SHA1 885fd6c78259ae38f7dba3887f7fee783c1766bc
SHA256 06dd7ae122d6f1f394aeb85089a9c837ec05dad627b0bcc92863ab2830e971c9
SHA512 6f0fe4a527e9c53a41d20f95cafda7a2488bab310eecf68c98271a2db6f3efe5d2180e158b5018a9c56a0580b0735146f0ae07d884f564de1e8780956a10d190

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\ta.pak

MD5 714ef30e819d791b41ab093d515e1704
SHA1 5410b58dcaa0bc82146655ed56493581d18d5c04
SHA256 9be97a18356b05ac4c3aa2b7e719eb29b47d8ad406aa50cf0f24bdde1d613083
SHA512 a35074a54dc12a68301553345c69f02ad31bc010690d5f4c4fad5d65b3fd9c3f7c3ec7e3637673d250cb33496b93a9582e28b5210d11137bc0bd5b2e219c0aab

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\sw.pak

MD5 9632dd7d883fa4deb3963ea663e0ffd4
SHA1 0db135be4b3a7c54c39e9df5034d5576b68ea92e
SHA256 690027c4a31c4aea00b7d1b32ec6cd3fa50b1eac412ae273ab15e72eb485dd6e
SHA512 3aac1857784dfecd2ae5f7c4056f58e27a966a6cb949e02eaba56fc1fc283243ed6213f17628d62d435e33fa4771eb43623f25da6510aa4ce6f2149f72ab0d37

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\zh-TW.pak

MD5 032c4f24764d531d0de876f1e9d51dc9
SHA1 6662a5e3466c1ca415e219634cd67863ff830b32
SHA256 a0a715a3ef1ead036f0f03d02a8252fbdbd52ce6f8cc5b9298fc1c4494d4e508
SHA512 3cf212a638cfe9d08e625f7f70d453263e44721be9550c2aebfb67462666a8d67b87cd2ed613cc12c7d1fc7d1c1368c7d198a6669fa3a10c2c2bf61966c46aff

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\zh-CN.pak

MD5 37b051269289e0eaafd411d374663135
SHA1 fa94bc7fe89475f1d5e1c9a2d88161cc992a638b
SHA256 4ff334da089d2ffb9c6173de7c918b74c9326ed7bd76317b2696d57861871488
SHA512 357350ec552765df460cd66ae59ebcc771df72431baa380247750627ee974f1859bfa423461a2197d4e608063d021faa7fc94bd30c6fe2b1a0cf9b9f7e64ea73

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\locales\vi.pak

MD5 5b8fc875f0b57ac7793e19e0ac6f4899
SHA1 b8ec064365fc29a70bc3a8d3df0ef222ed244fa8
SHA256 ff3cdd834569cf9f957a444ab8a51ebe673bd26d7c907a907aedfeed248d4890
SHA512 f3a9ad912823aaae0d089cf53151cfba0b6fbc2cebf826b1b7c70fec03bf3f967e440558fef94c990c87349b82c36379bf645b828ab6b69eb9f396165dd6178d

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\resources\app.asar

MD5 7045e0f7b9fc4380765bb925bb075258
SHA1 96b0d5885382ff51ad3159851b55a7b69d14c353
SHA256 bcffc69cf2af875a6a2add74e4991edfe4ffd078fd624f1f78a8327eef313579
SHA512 7ee262aa8ed62bdd8e95ff61621b62f962c7980ebb9334a65f050b981eaac092c221902c9178ff3881b7555da9e0005e4373790962d863f82d214e8c9c9c250e

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\7z-out\resources\elevate.exe

MD5 792b92c8ad13c46f27c7ced0810694df
SHA1 d8d449b92de20a57df722df46435ba4553ecc802
SHA256 9b1fbf0c11c520ae714af8aa9af12cfd48503eedecd7398d8992ee94d1b4dc37
SHA512 6c247254dc18ed81213a978cce2e321d6692848c64307097d2c43432a42f4f4f6d3cf22fb92610dfa8b7b16a5f1d94e9017cf64f88f2d08e79c0fe71a9121e40

C:\Users\Admin\AppData\Local\Temp\nsfC548.tmp\WinShell.dll

MD5 1cc7c37b7e0c8cd8bf04b6cc283e1e56
SHA1 0b9519763be6625bd5abce175dcc59c96d100d4c
SHA256 9be85b986ea66a6997dde658abe82b3147ed2a1a3dcb784bb5176f41d22815a6
SHA512 7acf7f8e68aa6066b59ca9f2ae2e67997e6b347bc08eb788d2a119b3295c844b5b9606757168e8d2fbd61c2cda367bf80e9e48c9a52c28d5a7a00464bfd2048f

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

MD5 6407f5c145255c3786d5971e633ed7ad
SHA1 7178d92f41a58c0c00f98b69327ee27b2892357e
SHA256 eb3aadb7471b06c33b097ad3c26a0e948279e259a2cabde52aabb27e6c1e011f
SHA512 571706203b6e23dbcfc008e6040385bd64dc71b44de8749365f8ccdf1657d1ee56955d57101bdf2b6e16392c7c0db13b7248c4c1246a6bf7be5214186be6e950

C:\Users\Admin\AppData\Local\Programs\Launcher\ffmpeg.dll

MD5 0f888ef4e9b80f9cc59ea471d0584efe
SHA1 bea5e130c9c2e97585c5139990af6aaddd180ffa
SHA256 6f970c9f17cd59e565b9cfb094719b4086ded2967d6ef09357a9ec1d5976e4ac
SHA512 33b9388abadc31b8ad8096dbb5b9c66b4f25d50de4a575d4cd82414d4d803d178c97e101d32f281ec95f0d60fde4fa9450cc711e55503d8c2c272c4dce7c315f

C:\Users\Admin\AppData\Local\Programs\Launcher\ffmpeg.dll

MD5 0ceb59828ad11106d907bbb51365011e
SHA1 e1fa6d7c9b691f17b9604bffc55fba09d84ae8cc
SHA256 a0c982647dfa5ccb86603a617f0c6b125d3bb1e9c6ee87b6f95e649c84c25069
SHA512 57fe63a8b30534637bc4196f1f5826bcf8ad451634aad030c729294787f2ce8402f0f3e9ebfaa6ef8e38997ee01b06121c7851563a315f0817afd0c80da88f97

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

MD5 04aa3e911b2d3203e5716e06206f8cb3
SHA1 37368cebe7e89cdc538d2ded97cc4669b16b4d4a
SHA256 4985feafa59767c0cc7f5156a36bf3f557dcd01f70923f4e5e41a99a675d4689
SHA512 3712434ed5f3cb06c4a33de7a3f9a2f045f7c2b2a77d77e925419e9b7e20307153185650ea18601c50f63e79a0c69b6fb68532c345933c8c7a1f9bd95fdf8684

C:\Users\Admin\AppData\Local\Programs\Launcher\icudtl.dat

MD5 85afaba6e186d74b99c2c5be111345a0
SHA1 01728352f6dd66243274b5ad3f0b38dda4f1e12a
SHA256 591d6bfa8d4ad1713526a08e14b2b8045233336ebd213a67a84737126fd40ec7
SHA512 516ed4d6737e4447ad06144056923b18d020ca421d9e1f287933133c93d496280ed99b6617b8be29e10b1e7a2382bb6f76e22a04c2d9379eb5dba625037656b6

C:\Users\Admin\AppData\Local\Programs\Launcher\resources\app.asar

MD5 543c1b40c58be1ff9d5bb2ec65b4f848
SHA1 c257cdc03a1733afa86c8dd35ca816270a3ebc6f
SHA256 95d7f5bc97a98115b8c2bf4df2ada2991ef02d69f398fb32844086a6843e87a2
SHA512 7710280790fe7abdd14302dc1d587a6c9fafd445a08f79edd017fd3d7da6cc3e51fba88d7263be78d35e3930a55f50472070d31b09061daa529a186693345eeb

C:\Users\Admin\AppData\Local\Programs\Launcher\resources.pak

MD5 27b4593e499058b5f6d6ac9d2766d6f3
SHA1 b85cf0314ff957190b6078f8fca9160dbaa9f4bd
SHA256 110e94bc2552f111c041e225790d73d4c9297adeeb6b041003c6cdd1ba32bb25
SHA512 9a947e9827d438e0cb360fb50f0db91436c5a07beef9775ffab8fd185553f2d3cdb43ef378aba9a18448a9d65dcec588ce78c51966048fbaa69498a4148a2e23

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Programs\Launcher\ffmpeg.dll

MD5 d2cd35c38037e2f9d1af52795701392f
SHA1 4675bcb4bd7d3ce61e7d007d79e1352ec519f181
SHA256 3e505f5666dcfd93b147a87dc024bdf69da9b35918b2c3f04f4ba2df4054f010
SHA512 d73a80a20a96813c44c182b077472bad88c26d5e21453075cbdac03bbd43be2e37ef90eebfb96a5930c38794dfc6ae96b9709cd73e0b02a758cd40e0f5bfee63

C:\Users\Admin\AppData\Local\Programs\Launcher\ffmpeg.dll

MD5 4d1b63189c6b2378acda7cabda68e4a9
SHA1 2990d4b9ba51fad005672e5663a838d067f7e789
SHA256 025485ba3c66be2b02bc3b19318b58f596e8b690675e476235ad16186700734d
SHA512 c0615de0cb30e5f3f94855c8b5e176af0c6b4e023fc4b01d2c674a6c9c4a1cbc809d364ff37b28449b30bb6591d0a4eba3749702c249694d69e5f2034e943904

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

MD5 b2f971bae2a7f3827b71bfa7d32d7fb5
SHA1 393d8f2e8424d58171eb5ca687e0e80812fa1d8f
SHA256 034d4c17b064f57a3ae0b239737641dd243efd6687e9fa73e631605946d730bf
SHA512 80ba681b0821c87b7629faa112a45efa84193d0a29d06aa33f48547e400111d996bdd5df4b6ab78defa06178ee2fb52806b7081b1e9caf93b8d47776fb543286

C:\Users\Admin\AppData\Local\Programs\Launcher\ffmpeg.dll

MD5 9c4b6dde11ab307d491041e12ab8c807
SHA1 bf887430cc6cfa73e20164bb4bda3e18a896ee6f
SHA256 6af72f0ea4f8d1f815d7e9b51c1acf09d55044e790190de94906e6d271a4658b
SHA512 1563704bbabc7f0ff18cb9130703d4ead42527bb727d1d4c358be3b668907d443468bbcbd074ecbc36b8c91408fd1e26cbef54a0ce58e72d468618120e9542fc

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

MD5 0a77884cd3bf22244ae0d8bfbf024181
SHA1 d82aac29be2df830bb4bcaba8b615487b7f6b289
SHA256 ae8fb665efd1cb090bd8c8a25951d7213470de7d27e8d0fd7d9b667ffaa39e79
SHA512 c7362f4f738f64c82011a31c81b6b315bc42f8c3a358d100f666c3d92e74a093839bd3fa37c713c18f2b683bc2e688597cdb36fbb71be168899198f01c4884c3

C:\Users\Admin\AppData\Roaming\Launcher\GPUCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

memory/3164-3916-0x00007FF9B4F90000-0x00007FF9B4F91000-memory.dmp

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher.exe

MD5 6945b61725df2f3c48cc5da716667034
SHA1 4c76477d208fdc3ba92e194eef8d68109963c1a4
SHA256 61c4045d9f36974c14dd0449ec21d5f07957a62a23882e5279f93b7b59dc7933
SHA512 4411f7df07e2705979d60ed5a25a35fcc169cd5867911e9d208a73c331b95d2a5103ac655fce2a5e05d3bf850f7c445d0db5ba58b5393e26dbdd21e54d84ac01

C:\Users\Admin\AppData\Local\Programs\Launcher\libglesv2.dll

MD5 bf3ee75f3fb62cc50e8a86db1da79142
SHA1 c9436040006a0de505477a7d1bdd3a01a1cfebf8
SHA256 8110dc2b4ba07c81d2fad50b33cd5054ad3a4d8b461682b0b2c441d45c45cf6e
SHA512 ad38373e0ed95ef0fef82064d9adddee7c6f3463c60afd3f5f2a11873ed6c5cac5c6fa42be59944d529da49c9834fcd1f0a5dfd8ecd20cd200afb9d07163c5ff

C:\Users\Admin\AppData\Local\Programs\Launcher\d3dcompiler_47.dll

MD5 66cc370bf7b2826a4a599ba4a45a76ac
SHA1 50cf4088208657ca1b7d27dbeecf7287be66ab47
SHA256 40140f2fe97c34c8d4c771a2164e2059053c1d4e7aadd00f07a56744a6bfd8d4
SHA512 039fc83791c5338d757e5a2eb9f0ca75a2b1289d471ae383fd6a9c406f2a6241b7c9e47b17d8b6e145219e276e3e27a0d7354debf3c49a17f8d4a9aee1cc297c

C:\Users\Admin\AppData\Local\Programs\Launcher\D3DCompiler_47.dll

MD5 187aaa9f5ef356bdf359f5fe36e6660f
SHA1 250a0eb1e24e236c1c7970ffc45d3c4c65c15594
SHA256 c96dffa9b836a3b40f1edf7493aa2495fca685051d62ddb1ff51016aa1562d18
SHA512 3cd4a95c2d251ba857a8c45e933742ab774f505cadb2072e97d6ad2bb3e0776af4aaaa4f72caeafeb919a49767db8672297eebfff635eaf4fe74ded5f0a115f0

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 37a563e061de2644feaa34e232a3aaa7
SHA1 35604629995d1a138a56abbe91fdb7f9f417b86c
SHA256 027fbcf0f32a9185dd358b8e0592583a3ce4612c706a308677fccceacd70d567
SHA512 3de4d99903be0bd2f79273dc86d92868d91eb872caffa8b45bd4212761927825cc1ff99b5cc310fe975058ce99a2155866223b157e9209098e8fd34cd3480d96

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State~RFe5f3477.TMP

MD5 2800881c775077e1c4b6e06bf4676de4
SHA1 2873631068c8b3b9495638c865915be822442c8b
SHA256 226eec4486509917aa336afebd6ff65777b75b65f1fb06891d2a857a9421a974
SHA512 e342407ab65cc68f1b3fd706cd0a37680a0864ffd30a6539730180ede2cdcd732cc97ae0b9ef7db12da5c0f83e429df0840dbf7596aca859a0301665e517377b

C:\Users\Admin\AppData\Roaming\Launcher\Network\4ad27035-b690-40a2-a30e-39bff229daed.tmp

MD5 d57e742fffb5061d7cbdb53263fe6aee
SHA1 19df9b36bd889550052ecb6928ea351f02e79387
SHA256 659731c86fc271da9615bf6690b96ab13ed27d8082610f9b8e7d2a842bd396ab
SHA512 3d1c4f74e0b9168c6cafcc7d32d4545d9d7c3315319d5d198a7af2cd41190c84c9538e9139d71eaf4ad855f928b3c05449d0ad38ebb440b373ba99e5af930ca6

C:\Users\Admin\AppData\Roaming\Launcher\Network\TransportSecurity

MD5 e619050c4068ef13ccaedadde6f670e2
SHA1 0f6da00935be187071379c447f04c8e14d9c45a5
SHA256 dbf4ceba1111b29c8b359f6bf62c777e2142b09daabe590bc4202c10970bfeb5
SHA512 8f1f338a67c2959cc2a449ace25fc72da056e4c9fed850aa0300618e1d409d42ed35a8ce2f342952daefe4118687710e22395b4c7423fd5844d9fe9b3921278d

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 f03c74063177a7878da6f3a73312f024
SHA1 1a652ffa705385a37f39112cbbc00169d5f1aa1c
SHA256 5da52e42eb0dfa147e235464c98d1b337748851becb07206b84d37ffdb475c93
SHA512 2efc3708d4d71eeb8be3e92756fad3bf70e675f9b9b54c69241299f12aade570a46cf664ab4061337730fb736e51a5ed9530e06fc45d0a4ea6a2077ab545307c

C:\Users\Admin\AppData\Roaming\Launcher\Network\TransportSecurity

MD5 d83eb9245309c58cbfd9502191830c2e
SHA1 b8804c24a7dc358c503a2b10b64be405cba6f9f8
SHA256 56237fa31e4c75c5086dbd04252261975f53ebb55b2944da9a47dde9c508d825
SHA512 1388e5051453434dcb53573fdfd41ecc982e1dd4b675749170d628f50380c5ef5bb22d8dfce6eaf894a51bbaa31a52bd843a4319e1aa1fe45ec85f3c4b445b68

memory/1320-4055-0x0000000000F90000-0x0000000001018000-memory.dmp

memory/1320-4057-0x0000000074A40000-0x00000000751F0000-memory.dmp

memory/1144-4056-0x0000000002390000-0x00000000023C8000-memory.dmp

memory/1144-4058-0x0000000004FB0000-0x0000000004FE6000-memory.dmp

memory/1144-4060-0x0000000074A40000-0x00000000751F0000-memory.dmp

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 df09f519d709c6bc22d8fed28b5731e3
SHA1 9d6f9fea74d414aae6a88a2c601d25dea4debcd0
SHA256 88df4fd5c0ae2ac55c23f7cc41018e4c19f97336f370654283a74eae04215918
SHA512 347ff9ddb9193a0717e9f8a346eefc99ea9fab21afb8d1b8fcfc7d7cc6926d3bf7a6d1cb6ca6fc18dc743fa8ed1d86cba8f9eccbd3acd104568fef1ceede7812

memory/1320-4073-0x0000000005970000-0x0000000005980000-memory.dmp

memory/1144-4075-0x0000000002450000-0x0000000002460000-memory.dmp

memory/1144-4079-0x0000000002450000-0x0000000002460000-memory.dmp

memory/1144-4082-0x0000000002450000-0x0000000002460000-memory.dmp

C:\Users\Admin\AppData\Roaming\Launcher\shared_proto_db\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Roaming\Launcher\shared_proto_db\metadata\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

memory/1784-4112-0x0000000000400000-0x0000000000430000-memory.dmp

memory/1144-4115-0x0000000074A40000-0x00000000751F0000-memory.dmp

memory/1784-4117-0x0000000004ED0000-0x0000000004EE0000-memory.dmp

memory/1144-4116-0x0000000002580000-0x0000000004580000-memory.dmp

memory/1784-4118-0x0000000074A40000-0x00000000751F0000-memory.dmp

memory/1784-4119-0x0000000005500000-0x0000000005B18000-memory.dmp

memory/1784-4120-0x0000000004DF0000-0x0000000004E02000-memory.dmp

memory/1784-4121-0x0000000004FF0000-0x00000000050FA000-memory.dmp

memory/1784-4122-0x0000000004E50000-0x0000000004E8C000-memory.dmp

memory/1784-4123-0x0000000004EE0000-0x0000000004F2C000-memory.dmp

memory/1784-4124-0x00000000060A0000-0x00000000060BE000-memory.dmp

memory/1784-4126-0x0000000006A40000-0x0000000006C02000-memory.dmp

memory/1784-4127-0x0000000007140000-0x000000000766C000-memory.dmp

memory/1784-4128-0x0000000006980000-0x00000000069D0000-memory.dmp

memory/1320-4131-0x0000000074A40000-0x00000000751F0000-memory.dmp

memory/1784-4132-0x0000000074A40000-0x00000000751F0000-memory.dmp

memory/1568-4136-0x0000000000400000-0x0000000000488000-memory.dmp

memory/1568-4139-0x0000000000400000-0x0000000000488000-memory.dmp

memory/1320-4141-0x0000000074A40000-0x00000000751F0000-memory.dmp

memory/1320-4142-0x00000000033C0000-0x00000000053C0000-memory.dmp

memory/1568-4143-0x0000000000400000-0x0000000000488000-memory.dmp

memory/1568-4144-0x0000000003A20000-0x0000000003E20000-memory.dmp

memory/1568-4146-0x0000000003A20000-0x0000000003E20000-memory.dmp

memory/1568-4147-0x00007FF9B6170000-0x00007FF9B6365000-memory.dmp

memory/1568-4150-0x0000000076E20000-0x0000000077035000-memory.dmp

memory/4848-4151-0x0000000000560000-0x0000000000569000-memory.dmp

memory/4848-4153-0x00000000023E0000-0x00000000027E0000-memory.dmp

memory/4848-4154-0x00007FF9B6170000-0x00007FF9B6365000-memory.dmp

memory/4848-4156-0x0000000076E20000-0x0000000077035000-memory.dmp

C:\Users\Admin\AppData\Roaming\Launcher\GPUCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Roaming\Launcher\GPUCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Roaming\Launcher\GPUCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 f766ee2acac7c31bead154f99f38ed82
SHA1 3d41e4cd9cc80debfa600bd531edeca005a7c435
SHA256 e1ac4a438383463dc3b30d31d06ecd7ecebbc558ab1a88427bd3ccb098171526
SHA512 0f7f44e3c358e77587d0c5a67c9bbffd58635c3574de52b63c506e1437d548b874fd2bf6d318b997588aa3afa58b0a28517ff79bbc557867e2de3fbd69d2e8d1

C:\Users\Admin\AppData\Local\Temp\c4a2a65b-9607-4e68-8c0d-1c1c77baea96.tmp.ico

MD5 c6336059a143241935e629b63782297d
SHA1 e9ff66f309de70aa7118c3fdd09d9b99474a3cbd
SHA256 d7806422a8edefa3b66637911358edb7c96102eca5bbb1b3ad2f0454fe6bf7d8
SHA512 4bed43d32670b526be01879537a7e6dbadcc2368d5fd28568a9b87fc3a3b63c66007009a80b9c1a5dc21cc8e4f26a6065cc9aafd6c7d92dba33d063e45f2ae3e

C:\Users\Admin\AppData\Roaming\Launcher\cf3663f8-7435-47e3-949a-ed222b2739aa.tmp

MD5 d11dedf80b85d8d9be3fec6bb292f64b
SHA1 aab8783454819cd66ddf7871e887abdba138aef3
SHA256 8029940de92ae596278912bbbd6387d65f4e849d3c136287a1233f525d189c67
SHA512 6b7ec1ca5189124e0d136f561ca7f12a4653633e2d9452d290e658dfe545acf6600cc9496794757a43f95c91705e9549ef681d4cc9e035738b03a18bdc2e25f0

C:\Users\Admin\AppData\Local\Programs\Launcher\Launcher2.exe

MD5 4bc025aedcf805507443eb9b5e4052b4
SHA1 e47629f314aa782dab163a0d9cfa8609396157ac
SHA256 51c9f1ae87d7ce5082ec5cf440cfcd2ded4aacf927279195be08368954d6e9de
SHA512 239316de79164aad16ab479ae89ccf1e7eb8d485b5f5faa95d27e43edc22a8f35cc7ed7d8403e991ee966db1dd64778ec6e0985a1a354f347b17833ce3822a8e

C:\Users\Admin\AppData\Roaming\Launcher\Network\TransportSecurity

MD5 63738ba495bd60fd35a78c12a04bd725
SHA1 027210c23c2364906c6e531d8321b5587769221f
SHA256 027d4d13d0a281c79046cd88fb5e8a46b5e1c5c2669ab5f370b6c66937244658
SHA512 a77daf36be3b7fe09d211e0fefd5cfe93ee67a5cce9bf4b4626aa08d53e1c7f0e6e78de5f1edcbdfbaf6b2353db31f788d61370f2be6ed5418eed99436ad4181

C:\Users\Admin\AppData\Local\Temp\Launcher14.exe

MD5 5bad939602ba3ff9f3d82b885e5ff005
SHA1 cae6f6e92268f16995fe63b03aa48b7a99641775
SHA256 0cadc63343d5ab35c01ed0246cef71dfb36f62a9773b1d86c38835da52702328
SHA512 14d331addf1dc58a065b9871506034075649abbf2ceadc7b8ab62e9bce05f4f73e4a72198e165a82756c654349451939a3897e7df376b82ea0a59c32cd83c17c

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 4962b46632b4b68c87768ebd3b2a3266
SHA1 5099c4ec120946ff9df20ed856fae076d254d4be
SHA256 849c0c14e3cbaafb1ba01ed43ee8c8d55f3faede302eb3be9342062baef8fa9a
SHA512 3cca39b361622e3ab3c166bc5ca23f0fcee57917c186a92ba7ea16fea5aa90505ef3998f5683af66788a84110908918fda8e4f3337fa734c30884ebbf078f0d9

C:\Users\Admin\AppData\Roaming\Launcher\Network\TransportSecurity

MD5 285485925f16fdf2e0e755398a27c599
SHA1 908feb98f25dfaf47535891198cf93959e89c611
SHA256 87347c964d9a5f89d2dd7570d7c1a2f6aa9717360abb247fb56788d086dd159e
SHA512 710ac6600d3260dabcde77fbdf8167e63c3c6759b5d989ef7307b9f34f323c47ff9479da9b580e87f3c49bd514da0e3d513239d45b2d9ba4052bbb83ab979b51

memory/1040-4343-0x0000000003C30000-0x0000000004030000-memory.dmp

memory/1040-4344-0x00007FF9B6170000-0x00007FF9B6365000-memory.dmp

memory/1040-4346-0x0000000076E20000-0x0000000077035000-memory.dmp

memory/4964-4351-0x0000000002300000-0x0000000002700000-memory.dmp

memory/4964-4352-0x00007FF9B6170000-0x00007FF9B6365000-memory.dmp

memory/4964-4355-0x0000000076E20000-0x0000000077035000-memory.dmp

C:\Users\Admin\AppData\Roaming\Launcher\Network\Network Persistent State

MD5 09f2313b1053e9c3487fbe6fc49f36eb
SHA1 44bae3331788a29a5c4272f17e7be63527eac77f
SHA256 865f4fa9dd3824dc18b346fb2b90bbb2ba00688b2ec6006c56ce89842f73698e
SHA512 c15bd1e58cbdd8aa413c727850c763e43b3c58c31a442a00857b04fefd6ed23bd00f18f2c6f95bfbd6e007e00096fc842fe791825189c6d5c496f078d08364f4