Malware Analysis Report

2024-11-30 19:22

Sample ID: 240304-w9dbwaag62
Target: Neptunev2.exe
SHA256: 8cb1a07c75e5345f3453eb95b22269eec4ecd3d4d2253452513b4e8bf14f42e1
Tags: themida, agilenet, evasion, trojan
Score: 9/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Threat Level: Likely malicious

The file Neptunev2.exe was found to be: Likely malicious.

Malicious Activity Summary

themida agilenet evasion trojan

Identifies VirtualBox via ACPI registry values (likely anti-VM)

Themida packer

Executes dropped EXE

Checks BIOS information in registry

Obfuscated with Agile.Net obfuscator

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Checks whether UAC is enabled

Suspicious use of NtSetInformationThreadHideFromDebugger

Unsigned PE

Program crash

Checks SCSI registry key(s)

Suspicious use of SetWindowsHookEx

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: GetForegroundWindowSpam

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Modifies data under HKEY_USERS

Suspicious use of AdjustPrivilegeToken

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-03-04 18:36

Signatures

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-03-04 18:36
Reported: 2024-03-04 19:07
Platform: win10v2004-20240226-en
Max time kernel: 1800s
Max time network: 1803s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe"

Signatures

Identifies VirtualBox via ACPI registry values (likely anti-VM)

evasion
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\ACPI\DSDT\VBOX__ C:\Users\Admin\Downloads\Neptunev2.exe N/A

Checks BIOS information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\Downloads\Neptunev2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\VideoBiosVersion C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\SystemBiosVersion C:\Users\Admin\Downloads\Neptunev2.exe N/A

Obfuscated with Agile.Net obfuscator

agilenet
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Themida packer

themida
Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Downloads\Neptunev2.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A
N/A N/A C:\Users\Admin\Downloads\Neptunev2.exe N/A
N/A N/A C:\Users\Admin\Downloads\Neptunev2.exe N/A

Program crash

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\WerFault.exe C:\Users\Admin\Downloads\de4dot-master\de4dot.exe

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133540511058746584" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\dnSpy-net-win64\Disccard.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe N/A
Token: SeDebugPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeSystemProfilePrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeCreateGlobalPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: 33 N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Windows\system32\taskmgr.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\dnSpy-net-win64\Disccard.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4792 wrote to memory of 1536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4792 wrote to memory of 1060 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4792 wrote to memory of 1952 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4792 wrote to memory of 3004 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe

"C:\Users\Admin\AppData\Local\Temp\Neptunev2.exe"

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffbc7069758,0x7ffbc7069768,0x7ffbc7069778

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1416 --field-trial-handle=2240,i,16875000905773190493,11379096115878622792,262144 --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1716 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2260 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3272 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3304 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4648 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5072 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5152 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5168 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4376 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4672 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5328 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3884 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5232 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:2

C:\Users\Admin\Downloads\dnSpy-net-win64\Disccard.exe

"C:\Users\Admin\Downloads\dnSpy-net-win64\Disccard.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3368 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1632 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1068 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5932 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3840 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5852 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5752 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5920 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3476 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5728 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5904 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=6776 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=6868 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5372 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6516 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=7088 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5616 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4924 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5596 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6972 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6912 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=1940 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=7144 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=6256 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=6548 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=5304 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7124 --field-trial-handle=1964,i,4883243673990715931,15584581264942141678,131072 /prefetch:8

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\de4dot-master\" -an -ai#7zMap10258:110:7zEvent21103

C:\Users\Admin\Downloads\de4dot-master\de4dot-x64.exe

"C:\Users\Admin\Downloads\de4dot-master\de4dot-x64.exe" C:\Users\Admin\Downloads\Neptunev2.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4004 --field-trial-handle=2240,i,16875000905773190493,11379096115878622792,262144 --variations-seed-version /prefetch:8

C:\Users\Admin\Downloads\de4dot-master\de4dot.exe

"C:\Users\Admin\Downloads\de4dot-master\de4dot.exe" C:\Users\Admin\Downloads\Neptunev2.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 5012 -ip 5012

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5012 -s 960

C:\Users\Admin\Downloads\de4dot-master\Test.Rename.exe

"C:\Users\Admin\Downloads\de4dot-master\Test.Rename.exe"

C:\Users\Admin\Downloads\de4dot-master\de4dot.exe

"C:\Users\Admin\Downloads\de4dot-master\de4dot.exe"

C:\Users\Admin\Downloads\Neptunev2.exe

"C:\Users\Admin\Downloads\Neptunev2.exe"

Network

Country Destination Domain Proto

Files

memory/4692-0-0x0000000000B90000-0x00000000017C4000-memory.dmp

memory/4692-1-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-2-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-3-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-4-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-5-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-6-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-8-0x0000000077C04000-0x0000000077C06000-memory.dmp

memory/4692-7-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-12-0x0000000000B90000-0x00000000017C4000-memory.dmp

memory/4692-13-0x0000000000B90000-0x00000000017C4000-memory.dmp

memory/4692-14-0x00000000062C0000-0x0000000006864000-memory.dmp

memory/4692-15-0x0000000005D10000-0x0000000005DA2000-memory.dmp

memory/4692-16-0x00000000059C0000-0x0000000005A0E000-memory.dmp

memory/4692-17-0x00000000075F0000-0x0000000007602000-memory.dmp

memory/4692-18-0x00000000078E0000-0x000000000791C000-memory.dmp

memory/4692-19-0x0000000007B20000-0x0000000007B42000-memory.dmp

memory/4692-20-0x00000000057B0000-0x00000000057BA000-memory.dmp

memory/4692-21-0x000000000B010000-0x000000000B3E6000-memory.dmp

memory/4692-23-0x0000000000B90000-0x00000000017C4000-memory.dmp

memory/4692-24-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-25-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-27-0x0000000005940000-0x0000000005950000-memory.dmp

memory/4692-26-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4692-28-0x0000000008E80000-0x0000000008F38000-memory.dmp

memory/4692-30-0x0000000007F10000-0x0000000007FAC000-memory.dmp

memory/4692-31-0x0000000075E60000-0x0000000075F50000-memory.dmp

memory/4740-32-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-33-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-34-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-38-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-39-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-42-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-41-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-40-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-43-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4740-44-0x000001CF750A0000-0x000001CF750A1000-memory.dmp

memory/4692-45-0x0000000075E60000-0x0000000075F50000-memory.dmp

\??\pipe\crashpad_4792_JUPIBEDXUPBSYKOG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

MD5 89d79dbf26a3c2e22ddd95766fe3173d
SHA1 f38fd066eef4cf4e72a934548eafb5f6abb00b53
SHA256 367ef9ec8dc07f84fed51cac5c75dc1ac87688bbf8f5da8e17655e7917bd7b69
SHA512 ab7ce168e6f59e2250b82ec62857c2f2b08e5a548de85ac82177ac550729287ead40382a7c8a92fbce7f53b106d199b1c8adbb770e47287fc70ea0ea858faba6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 27ac7a30565bc8ee6c685eabea95858c
SHA1 283b2dd16c4d08c648f7aa18e758c71d59282ee9
SHA256 78392f5a49798967d0fe4378403c70ad70a7b0a656c70111caf31db8a1c65f0b
SHA512 207a4fe951f4f0af5003ded6d9dc3a4380a41e65e3960c2b1c0c5e68ff1c7ede4edae1a24f6f200ab928129a5faa2267565dd81246912fa2273b99ba0c053360

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ce4f35d1b390e41185c76bf0d4aebee
SHA1 791285d0b56aad90c5ebdfdcd9c98284fc35bbe1
SHA256 41be6a7c856b5594dbec03a65b969fbbefa5170dfcb597c698f921f6abe92de7
SHA512 883bc03d39eaf498a82e220f2659f2175e7cff77ac7fed0b2aec2a8285690a58d34b8a67f510a6d7d41933c97a377120843738649019601f91e95d424e7ad10f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5b0ec90887b341ad2a9cc27aabf8efe9
SHA1 a8c1bda0092be5992984b2bf96b301aa8ef24769
SHA256 1e8548d4cdf24b5c36205d60a519f53e2e2c839aa7a0f41a9b17e4513062b5e0
SHA512 81327671b3c017e4036de71365728b99d2b0aa8e466a779d49576502c25d943a8602e9506ea6d2a7f8feb2202832681e2683c16c6ff0879a14d25bc59a41493d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 f86a9c17c71ce7e51906cf3a6ec57310
SHA1 0f3c461bb32a3c84ff52a5f2cdbe20a2ce8cc189
SHA256 ce326d91a0d571594cf0d857b071c488abfb6ad1affc88059e7dd5ed1b9e2eda
SHA512 2144e0d0bc7cc9f4ea913ad975213ab89f28d3eaecc5166ba8b181d7bfc21bab8491e8373e4f732b931efbb1fb9992d41efbd707e4b28984067c3bbc0832386e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3a385b211e5eab3306af29b1a84e75f5
SHA1 02afc0f650b6c12c4464518b65e5cf10ba25231a
SHA256 1a409731be68eba8835b57245ebfe4542e2da06c6b29ec51f867eff857d296b1
SHA512 d50697992e2ae55089569fd01dfb6048fbbd57b99ee3b357c4ba0912263543f9a27262f47adc74952a38220570eab839728befeb083d0f8f54f1d3b22bdc5fea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9d670193765ae93e50b84bd6cee62667
SHA1 3138df038e2d09b2d0863445c95619f966ab10af
SHA256 3e45c9d40eb7d71425a7eceb74af0bcfd21903f7c0a6ac61c5f41cdb40d33615
SHA512 7dbe8411aebd9ad33d385e74ca8c071cf11870138ecde98ba458a60201afb12d4357c043430c50abdddea1e3fdfefd6ccf78407707d97db58547605082f10a9e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 70a255fb706958bcbbb0704f3f30b317
SHA1 8a3f37a6df765aec20a1b7d04b9eded7d0b0e626
SHA256 23091c1700e71e36a91800f2a7b63250db876adf672a8b3b3cd590deddfc6e07
SHA512 4a0dc53906ca8dbfa5cc2eae5ddf09e2aac05708804b55e7284c0157a150c1a8f25de5f230d823960f24c0d956d1f01afeb5e883eeacb509d1e0c5dd9d7301e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1cae8846f69fbd76d0950a2bb237f973
SHA1 90c3366344017118d54242751a64801939ddc10f
SHA256 505c506538e1a4afd1751c236911136cbd5e242a65e99915bffd53a320d49115
SHA512 ecae6f8eb953ad7b3966e12318e148fc43aa3fa7afb9409c65b6c8b7bf1e739f3fab841d84a2d8d761d37b97b9fe27fa7c9d50a22013a46aeb93b0a0062b92fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 706644bce761d746ec6aaace211fafec
SHA1 e6b4e08c42a9a6459da1c564ffcb0229df18c5ce
SHA256 594a2bfbf619ea05c90dc85f79c8eb4b2ec6eac5fb4a47f4ce173a2887909909
SHA512 84ea4c8379f7924fee2db77b28769d2a50b3a52e206e4694ce97437915d6b2b63847417c6a1ea8db41b85775c9628ebd982a753cddb7cf794d172bbaefcaa4e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f3d50c998a500212424829a713182eea
SHA1 0c21b32dac303b2ca6bf1d43b2f60d3521307c73
SHA256 8dfa722e56b2a35c1e5012ea8f9cebfb22c101f8aa78ba5be595a0fa0fa5b352
SHA512 e3d683fa3addc9bb4d959f14d592e29f59fc062020c606dc513abf7481fc0d1a227003d0e61aa3c60ea2082fd815dfe8d4eb3daf557643c0b2b03cd7879ac872

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 5c307c30a9a7ceb27e0d9edba3c1adf0
SHA1 24126075a2c12ea3f42384f8978a46b21e2bf707
SHA256 fdebe2552f1459dccf5ea25d420ebf851e7cac5be7b2cfb019175a36157c9d0d
SHA512 98ca36d090c395421b82d58456963cc69101968ed0f1e9859986d19c89b03b5bec8470e508d1bdd4461f43a8a93b0e7b8fc6fe8320150777bfcacc13a2928632

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5953c3.TMP

MD5 61f687f8c8a45e9b187378bc088f0a7c
SHA1 bc1e9a39e4cc3bf95a193e3572d94585aea8a629
SHA256 4dbe65bfbe37747b39e4419f346d144829fe19c8ea2355d67f20d5890635ec39
SHA512 2c57fe49abb0d9a9502238776f969636b45073ae1c83ec240bd18192ec537f616e64260f300540579785fe91a13f60083c4b7b52e11d3bf5a86668a9ca630c0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a1ae0a33e4e9ae7a5d823a4a8833fb41
SHA1 36f8a32d2cc7559789c54b1e1457e6da9b7b6e54
SHA256 b391ae42e7c53cc4e89f73e4df06816805f5fff41123909fed5f887a07aa1503
SHA512 1f2cacd27e7acd2f1bb8157d703f3523477b16835cd7b5e61e9d491aee571d612f1b8a99fabe7fddad3bcb731927b84e627532902b919a4de7e43bb6fbac142c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a412409b5398e8996ff855d71018e985
SHA1 80c2c6ad382a1a2c182975b2dc78a12e1d614a10
SHA256 6e73f664147f70885a8d798e439057862771dfa01d5854524097bef63440568a
SHA512 956a6ca56143747f64ba2bca69669a99ee61638e828fe4a514d95bee1469281442515e17ec0149146432e7ec170cba037fd9c1ddb5be894626edf83136b4551c

C:\Users\Admin\Downloads\dnSpy-net-win64.zip

MD5 dde43f841239e4c238a0abe10cd12298
SHA1 ec6326418258333357c9e85febe062764ab7013f
SHA256 0e9445b20301079b00a14cb431a4a4dd8ec9683e49d0c580e8bb105ff0ab3607
SHA512 3ed8bbbcb1000f40611b29ea55c9ebfb1677ff70d0d6b1f4173d3c08a7dca474322bd6743197c6099ccdb23bc2c6ca32f524024bf99eb3d5403ceba51f01be67

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a90f1fbbf6a0d1fc62e635e50927a6a0
SHA1 dcee8c22774c3ab8ddc8dcd46f984445db2dd930
SHA256 e777045c6e5a97c6792553d3d0eab5c4bd6d6d80fefd5453a68cd1ecb36225e4
SHA512 79af2d208baeee476cec7ff8d7b32e7674abc4b598ac341b44bd319baa7a49c4cec03fdad4da1c94b6e7b0ee57b4b0d64871de17ee260bcec51fcefca2a55f97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 880a53c2929d56462ed7df8038a72d4f
SHA1 89449be5c1d55dd0a7722d3d203a4d686cf2477e
SHA256 54bd33ff7a5bb612da0a50990431b4e159632640c038df768d43d478b97712c3
SHA512 e407706634f308b81e73efa1a1b81f3d6958fafa64b55ab57b2aff414f906e51e70f07eece77050fd8f3613c56d33a9d5d00884061ded477c789cbf16912fcf1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af7f02ae24d5d4a15c79982c686bae84
SHA1 25ccbca2c33d400d2332620d2a6485ba4b31d791
SHA256 b426f7c039ca75abf9f54865d6dd06b1ecd4235976546d1061b0c26eae2a61e0
SHA512 d803aaf16e72f46dfa3ad8d35010b43714b3fed2804a490dd0fc802a30c24bc24bdb47be2abd93ab8d53d7e5db48607f760dc764e4bb7da6f089249e82d3fcf0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 af8e8e21d90cf2f931891a83dd37684c
SHA1 9607ce1ac367aaf2b758a0dd4ba4786216b3603d
SHA256 331a29bf491c2688c57ed9fc84e49416ce5e7da45eadb43ef438f9d52492abb0
SHA512 9a848284a39f1fea4f705d3be938615522a043445f50ffd7677c2aaf15535084d54b9ed2be3ad5fa0eea0a4a745fdf613960ccca251604b9f38cc13616017839

memory/1052-467-0x00007FFBC2E90000-0x00007FFBC3394000-memory.dmp

memory/1052-473-0x000001547C290000-0x000001547C2A0000-memory.dmp

memory/1052-477-0x00007FFBC2E90000-0x00007FFBC3394000-memory.dmp

memory/1052-479-0x000001547C290000-0x000001547C2A0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 36caf6124d0a1a90e069c85450a6f4c6
SHA1 79f3f603df3dfdcefccdd6d1a74e1650a2fd382f
SHA256 81c2a66fbdb5f903ebcb6a2cedf3f5f44aba2b43a2f4f494349db511d5de1cbe
SHA512 00882967ac35d655419749e4990d0d7c3d4fcb6af80f02eed7a1f999c68dd144158ed48b27364316d9077915ac7eb020491ad2b6c65ac89e1eb4289bbcbfb2d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1eb879ef0c7b14c247aaa4a375af49f2
SHA1 6393ce4683ee40b2369f68dab48c39b9594f235c
SHA256 c1d7d5f5c0e330e773bf9ba8090181fdc6d0b2db0ea568b60ca6450b8650ec80
SHA512 d3f77b2a5889ff1d806356dba7f9a64413749b67675d4a667e038b2a54e04c90bf556d574503343a1e89515b7e4d7ef0768452a8148c522c215c63e28a3942eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6345b3ddecd2b2f011c584008cf0117e
SHA1 5abbe750044872cef2f3330ca301f722609df6b2
SHA256 006eb8c1b8bb9277eac6a1090a6bc015bd27a6bb9986433423acc767f89155b5
SHA512 57524c6cb1749a90c904992381abd4092fd28ec92b97c2b3c981102c59bc4e5fe66315f9625ba8b5f2be7efbc7ce0739a49b39c60d58daa2379dba365d9f6c6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

MD5 60416717b5da87ecdf5eb140573547f0
SHA1 43f23a16f1683918ad64053826d9959826e59119
SHA256 8cb1a07c75e5345f3453eb95b22269eec4ecd3d4d2253452513b4e8bf14f42e1
SHA512 05afd91eb8bdc52fc9472b6ecea01ae29c2d198c1b721de84523585932eb56e9484d0517c85a48239c25b05fac9d9072363e712703ecc797bfba416588b9c232

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 631e848c4e5e32abcd52b3967c45361a
SHA1 e05ef920eaa644c8d9b8ea2d8bba7400e2086288
SHA256 f258fdd3646530b892fc39468200be8ce958eb84186dbbf78f566ef61418efe9
SHA512 f71bb714142ff5324011538fc94a3b2454009ffa1f19f7b701d1d3d513704b3f629d89faa347a05fe8f6cb0d581aca5f5e75dff3d3cb373532d62c10685b3270

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e361a323511edb68bc5aa1f8dcec462
SHA1 c716ecf6e12113cbe9a9e4a3008a11610e178e32
SHA256 ac6b44acecb3b7be7c6e71e062271f2853ccc81ce874e22aee4e8c103870a940
SHA512 97d88db55462b6f54aa248ba7d76ebad6c7527fd37e10c921f4f7c1506a233b3dce183b45c256a74ae4d271df30534883ff0c4689ba030e8fa021e9900b57150

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4a9fca695a963aa84279756f7530c5e3
SHA1 5982931dbf0c85db88e3827e129da938dafc3662
SHA256 bc6e8042c56c3b52c939a378bfdf93376395a99962562f86ca6aebe29da4ecea
SHA512 efdf08d6b5913a77580e61b0510b87488de85c35689fd3b89c60b79ecd72b3cf47c65030ae287d7d3489e502fefa66ef4ac95cd8294a0c8b9ae4156fa9ebd10f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bceadfe437606af422ebf5cc6c37a183
SHA1 fe16f3ef5ecd26c1c272728780fa13800be9b0d6
SHA256 92f29e6e454b5c8eb52e51c3502eeccc7a292cfa21a2d8874123f77d3b1960e4
SHA512 6fda8985ccf3ef390683395dae5b5d40c0da2c3cbc52a5cc959bab7a0b45c4fcfc66eeca7a40b5f7bfec55f766d0f1a1d55b8a002e61e4d57a0ad3cfba523e89

memory/1052-595-0x000001547C290000-0x000001547C2A0000-memory.dmp

memory/1052-594-0x000001547C290000-0x000001547C2A0000-memory.dmp

C:\Users\Admin\Downloads\Neptunev2.exe

MD5 73ebd0e004bd94ab80c304cf625f0052
SHA1 2019b6cc1a7e255c40bb2c4b19784d32fcfcbc8e
SHA256 6a49c076ae5c7e8e28025ba14f3423b9b8750cb3a7f54c0412d5c021e3bc59bc
SHA512 c4c616feba7aec14670224f34a2bd8c8d28ee6d96d37736dc8f33e256e6383a519d1b9087864efae01b8c708b32d752c66b07a172c3ba34d3b0cf52e19bf8e30

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ff78be45daa2066555bb8221546ea6a5
SHA1 860e5d7e9a16fdba0bfc436a22e9382b7dd40d1c
SHA256 8ea60c2040ad59aaeb78589b7e58da26ca198d5a1dfeb7f97f6e5d84863c5b6b
SHA512 bd3b375de32e8b1c4bc6ff15ee4682bbf481a1a45973a18d732bf3874b5190fd3bfd222e9b012d667050641d8d20561f0d99b0fe3c5575720dfac5bc7419fc57

memory/1052-611-0x000001547C290000-0x000001547C2A0000-memory.dmp

memory/1052-612-0x000001547C290000-0x000001547C2A0000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8e1aa11dcc6f1e6be7e6eb0792149441
SHA1 25e7965b17ed3fc277b17d6caa798954c6797d63
SHA256 8a4d0f5c86c16765aed3dd35dde96ab17a2432326de0bd5bfb901d7bf6be34f5
SHA512 0db714c34711b2a979706c86c34a9098174a67221dfcd3000ecdd41d0ca3865f92a152c2d97cfd7548111252ffaab9b2dabd446b139d13c492a08c3acd1dba1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 8b2813296f6e3577e9ac2eb518ac437e
SHA1 6c8066353b4d463018aa1e4e9bb9bf2e9a7d9a86
SHA256 befb3b0471067ac66b93fcdba75c11d743f70a02bb9f5eef7501fa874686319d
SHA512 a1ed4d23dfbe981bf749c2008ab55a3d76e8f41801a09475e7e0109600f288aa20036273940e8ba70a172dec57eec56fe7c567cb941ba71edae080f2fdcc1e0c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 51cf26210149e7e2079aa97c06e5e8c8
SHA1 793c4f314c6aa2d08143abad1ddc1714148e355a
SHA256 f8a041c0cfb0956fa22e147244778a060d77ef2a58bb2d00a14f9b6aa040462e
SHA512 0e56e6eba2dbe804a15cc35c1597df1d568738c877399f635b96713a08629d203d3e7d2277cbfa223d84b6c86056b5980a67b9867ece831123b4282ae6ccf0aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 afd9247d9576ac171380d7d8a1818743
SHA1 e601ce64ed27ea44146a553e2ccce25f2a0d2ee6
SHA256 e1a6f1f60868f7e027a1b51a8fb9bb61ce8c1b0b2301d382fc063b18183bd6e1
SHA512 12f99e6fc8f46ec01bf61b8e96395b983ae81866dddf809ce8a3679c6debcef34abbc97bc17ba4dfb3aa7f1f11a7659e7831ffe9fb2042b5156a3268c1384a2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e5353a9a25ddb2c4f781c9919603be6d
SHA1 a0dd8ebf285607d62be1c295de0fc1bb9f5900a2
SHA256 03083886ede5887290e86a5101dc57e641741ca53acc8af55c5a2f0eae897667
SHA512 ff67ca7532ed73ec1d9a050271c3b5c29d7b90bb22c13d0d5f51bbca7b84d49538beb15b1c87e865afe84ea6bc0e02ea94550b5b7a6c34f2555bf3411ec3869a

C:\Users\Admin\Downloads\de4dot-master.zip

MD5 c70cd9c16d00a7f90a085f4289efecb8
SHA1 87850f746460ef93e15c84b5dfe4c5f64949daf4
SHA256 b0932039a531b65438bbe80b47aa56a8fdf28d094679fe9af179bc1646ba62a4
SHA512 dad54384fcee91400cede5a1c4f961464607a37d91412e5d53f6ae0061963588c9fb951d66156bed40165eb46d7425aee7e656892820544214e82e6b5b71fbdd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 30e13126c3909ffd9047077d7b9e6033
SHA1 6866c165d70392257d8188521c9334bc5f59f294
SHA256 5a10adc79b6db1834de66b5e717aabfab2c56aa1eb9811db23cc1a10b6caa7a3
SHA512 351f8e7fd40360d817325564c31b6625f1a972df27dbcc848770e17bcfb16e1ef5e19893d16f5b2ffb4cfadd7c15493ac186edb1bcdaac1b6eeb26171102bd5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5c7e01.TMP

MD5 6b98487b88abc644083b9e70f17fb8fd
SHA1 f508962dbd581e3ea88feccb015e8d346124654f
SHA256 6527de0224fdb4187ffd979f225f4980bd8797783a95cf389444adeef341d118
SHA512 2d6c45646aa4a093fdd8c8f5cec7741347be3f714b39fde468367d3af94a5d030383b63e7aa8639f4576efd90af0abe1e0c5fd30e3c38074fb802b95b3717b1a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4e2f203c0079d1688e5ce59e78847b80
SHA1 22575a83d26ecc0ae7edcd43221589334a03de65
SHA256 51395802c004f0050ea87d2d75be869d3c561ee1173175298c178472a6655006
SHA512 433b825968932ac08838699f40e5ad03678f7a9e08d97662cc43f65b4b8a418b377d6c00b20ea6caade6e5fb447565a19297e1e5b094ddf15e4e98ca1f1f3bc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e32cf316c112b48bb18275756136582e
SHA1 dc3679c237fea0247e58d6cce142fa2eea02d6ee
SHA256 f6ba311a5d99f2c041af668221b4ec700acd76f59b5e36dcfa9fa29f04928917
SHA512 e182fa63864eefa3750211316668b9eaeec3024a3b68b64d63c681d4d95fa2bf8df4ff8aab60d50d4ceef4e1da4d7b3eaee820b4790328e9323e6d97115abbd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe5da069.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\Downloads\de4dot-cex.zip

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\Downloads\de4dot-master\de4dot-x64.exe

C:\Users\Admin\Downloads\de4dot-master\de4dot-x64.exe.config

C:\Users\Admin\Downloads\de4dot-master\bin\de4dot.cui.dll

C:\Users\Admin\Downloads\de4dot-master\bin\de4dot.code.dll

C:\Users\Admin\Downloads\de4dot-master\bin\dnlib.dll

C:\Users\Admin\Downloads\de4dot-master\bin\AssemblyData.dll

C:\Users\Admin\Downloads\de4dot-master\bin\de4dot.blocks.dll

C:\Users\Admin\Downloads\de4dot-master\bin\de4dot.code.pdb

C:\Users\Admin\Downloads\de4dot-master\de4dot-x64.pdb

C:\Users\Admin\Downloads\de4dot-master\bin\de4dot.cui.pdb

C:\Users\Admin\Downloads\de4dot-master\de4dot.exe