Analysis Overview
Threat Level: No (potentially) malicious behavior was detected
No (potentially) malicious behavior was detected for the file https://app.mediafire.com/uzg9rt06apy3o.
Malicious Activity Summary
Modifies data under HKEY_USERS
Opens file in notepad (likely ransom note)
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Modifies registry class
NTFS ADS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-03-13 13:46
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-03-13 13:46
Reported: 2024-03-13 13:49
Platform: win10v2004-20240226-en
Max time kernel: 159s
Max time network: 164s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133548112371745256" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-609813121-2907144057-1731107329-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\PASS_2023.txt:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://app.mediafire.com/uzg9rt06apy3o
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffd8ef29758,0x7ffd8ef29768,0x7ffd8ef29778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2168 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2992 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2996 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5360 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5068 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5604 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5652 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5780 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4852 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5584 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6196 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2704 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6492 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6652 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7024 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=7332 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=7340 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=6148 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=7608 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6312 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\PASS_2023.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6456 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\PASS_2023.txt
C:\Windows\system32\NOTEPAD.EXE
"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\PASS_2023.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=924 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4596 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\roblox.7z"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7832 --field-trial-handle=1944,i,8173314656546168869,16746626206772308463,131072 /prefetch:8
Network
Files
\??\pipe\crashpad_3128_SGAHLVDUGBXPGYCB
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe590c99.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\Downloads\roblox.7z
C:\Users\Admin\Downloads\roblox.7z
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences