Analysis Overview
SHA256
93c4bdda249ddc80ed634c8f4656872fe2fe4083fbd7c8341fc094474ac69af8
Threat Level: Known bad
The file C11Setup.exe was found to be: Known bad.
Malicious Activity Summary
Asyncrat family
AsyncRat
Async RAT payload
Drops file in System32 directory
Drops file in Windows directory
Unsigned PE
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Modifies data under HKEY_USERS
Checks SCSI registry key(s)
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-04-18 21:11
Signatures
Async RAT payload
Asyncrat family
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-04-18 21:11
Reported
2024-04-18 21:41
Platform
win7-20231129-en
Max time kernel
1558s
Max time network
1558s
Command Line
Signatures
AsyncRat
Suspicious use of AdjustPrivilegeToken
Processes
C:\Users\Admin\AppData\Local\Temp\C11Setup.exe
"C:\Users\Admin\AppData\Local\Temp\C11Setup.exe"
Network
Files
memory/1404-0-0x0000000001330000-0x0000000001374000-memory.dmp
memory/1404-2-0x000007FEF5B50000-0x000007FEF653C000-memory.dmp
memory/1404-3-0x000000001AEC0000-0x000000001AF40000-memory.dmp
memory/1404-4-0x000007FEF5B50000-0x000007FEF653C000-memory.dmp
Analysis: behavioral2
Detonation Overview
Submitted
2024-04-18 21:11
Reported
2024-04-18 21:18
Platform
win10v2004-20240412-en
Max time kernel
432s
Max time network
437s
Command Line
Signatures
AsyncRat
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\system32\devmgmt.msc | C:\Windows\system32\mmc.exe | N/A |
Drops file in Windows directory
Checks SCSI registry key(s)
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133579483267961909" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\C11Setup.exe
"C:\Users\Admin\AppData\Local\Temp\C11Setup.exe"
Network
| NL | 185.89.211.84:443 | secure.adnxs.com | tcp |
| GB | 18.245.253.22:443 | script.hotjar.com | tcp |
| US | 104.244.42.67:443 | analytics.twitter.com | tcp |
| NL | 23.62.61.155:443 | b.6sc.co | tcp |
| US | 104.244.42.197:443 | t.co | tcp |
| US | 8.8.8.8:53 | px.ads.linkedin.com | udp |
| US | 13.107.42.14:443 | px.ads.linkedin.com | tcp |
| US | 216.239.32.181:443 | analytics.google.com | udp |
| BE | 64.233.166.156:443 | stats.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 323-ltc-321.mktoresp.com | udp |
| US | 192.28.147.68:443 | 323-ltc-321.mktoresp.com | tcp |
| US | 192.28.147.68:443 | 323-ltc-321.mktoresp.com | tcp |
| US | 8.8.8.8:53 | 121.142.248.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 229.1.101.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 84.211.89.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.253.245.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 197.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 67.42.244.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.42.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 68.147.28.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | vc.hotjar.io | udp |
| US | 8.8.8.8:53 | www.linkedin.com | udp |
| US | 8.8.8.8:53 | data.hockeystack.com | udp |
| GB | 99.84.9.107:443 | vc.hotjar.io | tcp |
| DE | 18.196.170.251:443 | data.hockeystack.com | tcp |
| US | 151.101.1.229:443 | cdn.jsdelivr.net | udp |
| US | 8.8.8.8:53 | www.facebook.com | udp |
| DE | 18.196.170.251:443 | data.hockeystack.com | tcp |
| GB | 157.240.221.35:443 | www.facebook.com | tcp |
| US | 8.8.8.8:53 | 107.9.84.99.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 251.170.196.18.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.221.240.157.in-addr.arpa | udp |
| US | 8.8.8.8:53 | cdn.cookielaw.org | udp |
| US | 104.19.178.52:443 | cdn.cookielaw.org | tcp |
| US | 8.8.8.8:53 | 52.178.19.104.in-addr.arpa | udp |
Files
memory/1964-0-0x00000000000C0000-0x0000000000104000-memory.dmp
memory/1964-1-0x00007FF87DE60000-0x00007FF87E921000-memory.dmp
memory/1964-3-0x0000000000AB0000-0x0000000000AC0000-memory.dmp
memory/1964-4-0x00007FF87DE60000-0x00007FF87E921000-memory.dmp
\??\pipe\crashpad_3076_GLLVNMZRIFUGGTYN
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\CURRENT
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\t\Paths\MANIFEST-000001
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5be309.TMP
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5d52e5.TMP