Malware Analysis Report

2024-11-13 13:51

Sample ID 240406-jyx6paeg54
Target https://bing.com
Tags
score
8/10

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file https://bing.com was found to be: Likely malicious.

Malicious Activity Summary


Downloads MZ/PE file

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

Checks SCSI registry key(s)

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-06 08:05

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-06 08:05

Reported

2024-04-06 08:14

Platform

win10v2004-20231215-en

Max time kernel

501s

Max time network

501s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://bing.com

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Rensen.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133568643509420904" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\Rensen.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Rensen.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3184 wrote to memory of 3148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3184 wrote to memory of 1820 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3184 wrote to memory of 3668 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3184 wrote to memory of 1480 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://bing.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffed2ea9758,0x7ffed2ea9768,0x7ffed2ea9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1628 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2088 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2164 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2892 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2900 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3968 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4792 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4984 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5112 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3240 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4632 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4904 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3340 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5160 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5712 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5912 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5964 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5472 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5440 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5624 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\Rensen.exe

"C:\Users\Admin\Downloads\Rensen.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Users\Admin\Downloads\Rensen.exe

"C:\Users\Admin\Downloads\Rensen.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffed2ea9758,0x7ffed2ea9768,0x7ffed2ea9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3056 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5732 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4992 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5264 --field-trial-handle=1848,i,4062379375956556845,12153122758061855625,131072 /prefetch:8

Network

Files

\??\pipe\crashpad_3184_UTQPAATOGHPIWFGM

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\7e450e06-3acd-4516-8d29-e7bf66f24450.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5d7c95.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\Downloads\Rensen.exe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\Downloads\Rensen.cfg

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
