Malware Analysis Report

2024-10-18 22:19

Sample ID 240423-mxl9ksfe6s
Target poster copy.jpg
SHA256 59a5632736ce0a74810969b57eedc5b27d24b7867393cb92c37d1b1591b6be81
Tags
qr link wannacry discovery persistence ransomware spyware stealer worm
score
10/10

Analysis Overview

score
10/10

SHA256

59a5632736ce0a74810969b57eedc5b27d24b7867393cb92c37d1b1591b6be81

Threat Level: Known bad

The file poster copy.jpg was found to be: Known bad.

Malicious Activity Summary

qr link wannacry discovery persistence ransomware spyware stealer worm

Wannacry

Deletes shadow copies

Downloads MZ/PE file

Drops startup file

Loads dropped DLL

Executes dropped EXE

Reads user/profile data of web browsers

Modifies file permissions

Legitimate hosting services abused for malware hosting/C2

Adds Run key to start application

Sets desktop wallpaper using registry

Enumerates physical storage devices

One or more HTTP URLs in qr code identified

Opens file in notepad (likely ransom note)

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Views/modifies file attributes

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Modifies registry class

Suspicious use of FindShellTrayWindow

Checks processor information in registry

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Uses Volume Shadow Copy service COM API

Checks SCSI registry key(s)

Modifies registry key

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-23 10:50

Signatures

One or more HTTP URLs in qr code identified

qr link

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-23 10:50

Reported

2024-04-23 11:08

Platform

win10v2004-20240412-en

Max time kernel

1042s

Max time network

1044s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\poster copy.jpg"

Signatures

Wannacry

ransomware worm wannacry

Deletes shadow copies

ransomware

Downloads MZ/PE file

Drops startup file

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SD1D26.tmp C:\Users\Admin\AppData\Local\Temp\7zO084B9434\WannaCrypt0r.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SD1D2D.tmp C:\Users\Admin\AppData\Local\Temp\7zO084B9434\WannaCrypt0r.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\BonziSetup.EXE N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\WannaCrypt0r.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\TaskData\Tor\taskhsvc.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected] N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\dalefbvdgc332 = "\"C:\\Users\\Admin\\AppData\\Local\\Temp\\7zO084B9434\\tasksche.exe\"" C:\Windows\SysWOW64\reg.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A drive.google.com N/A N/A

Sets desktop wallpaper using registry

ransomware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" C:\Users\Admin\AppData\Local\Temp\7zO084B9434\WannaCrypt0r.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected] N/A

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133583430907826691" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\SpotifyAB.SpotifyMusic_zpdnekdrzrea0\Spotify\UserEnabledStartupOnce = "0" C:\Windows\system32\taskmgr.exe N/A
Key created \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Users\Admin\Downloads\BonziSetup.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Users\Admin\Downloads\BonziSetup.EXE N/A
Key created \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\SpotifyAB.SpotifyMusic_zpdnekdrzrea0\Spotify C:\Windows\system32\taskmgr.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-259785868-298165991-4178590326-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\SystemAppData\SpotifyAB.SpotifyMusic_zpdnekdrzrea0\Spotify\State = "0" C:\Windows\system32\taskmgr.exe N/A

Modifies registry key

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\reg.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\7zO084B9434\TaskData\Tor\taskhsvc.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\BonziSetup.EXE N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4292 wrote to memory of 3020 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4292 wrote to memory of 4124 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4292 wrote to memory of 4124 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4292 wrote to memory of 3624 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4292 wrote to memory of 1404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Volume Shadow Copy service COM API

ransomware

Views/modifies file attributes

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\poster copy.jpg"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fffe845ab58,0x7fffe845ab68,0x7fffe845ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3092 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3116 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4212 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4440 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4488 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4508 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4512 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3180 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3204 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4872 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4848 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4244 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4336 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3400 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5160 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=1556 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5160 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5416 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4376 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5588 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4972 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5248 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4808 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5928 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=4396 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6032 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=1852 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5888 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3392 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=5976 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=5760 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=3368 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=5656 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6100 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5844 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=5904 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=5744 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=4060 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=4640 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5288 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=3364 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=5684 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=5860 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=1472 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2712 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=5504 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=4428 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=6360 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=6260 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=5944 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5356 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=5860 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --mojo-platform-channel-handle=4380 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=61 --mojo-platform-channel-handle=5812 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=4848 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=63 --mojo-platform-channel-handle=5872 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=64 --mojo-platform-channel-handle=6748 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=65 --mojo-platform-channel-handle=7080 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=7096 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=4428 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=6496 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=1728 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=6708 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4492 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6616 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5240 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=5128 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=75 --mojo-platform-channel-handle=6984 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6704 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4992 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5548 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6956 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Users\Admin\Downloads\BonziSetup.EXE

"C:\Users\Admin\Downloads\BonziSetup.EXE"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=6184 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5240 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Security Terms.txt

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\BonziSetup.EXE

"C:\Users\Admin\Downloads\BonziSetup.EXE"

C:\Users\Admin\Downloads\BonziSetup.EXE

"C:\Users\Admin\Downloads\BonziSetup.EXE"

C:\Users\Admin\Downloads\BonziSetup.EXE

"C:\Users\Admin\Downloads\BonziSetup.EXE"

C:\Users\Admin\AppData\Local\Temp\Temp1_BonziBUDDY64.zip\BonziBuddy\bonzibuddy.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_BonziBUDDY64.zip\BonziBuddy\bonzibuddy.exe"

C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe

"C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe"

C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe

"C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe" --type=gpu-process --user-data-dir="C:\Users\Admin\AppData\Roaming\bonzibuddy" --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1640 --field-trial-handle=1756,i,6140338467495980425,8324376421587539822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:2

C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe

"C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --user-data-dir="C:\Users\Admin\AppData\Roaming\bonzibuddy" --mojo-platform-channel-handle=2116 --field-trial-handle=1756,i,6140338467495980425,8324376421587539822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe

"C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe" --type=renderer --user-data-dir="C:\Users\Admin\AppData\Roaming\bonzibuddy" --app-path="C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\resources\app" --no-sandbox --no-zygote --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=4 --mojo-platform-channel-handle=2500 --field-trial-handle=1756,i,6140338467495980425,8324376421587539822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:1

C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe

"C:\Users\Admin\Documents\BonziBUDDY64\BonziBuddy\bonzibuddy.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --user-data-dir="C:\Users\Admin\AppData\Roaming\bonzibuddy" --mojo-platform-channel-handle=2924 --field-trial-handle=1756,i,6140338467495980425,8324376421587539822,131072 --disable-features=SpareRendererForSitePerProcess,WinRetrieveSuggestionsOnlyOnDemand /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x4bc 0x45c

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /7

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=5140 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5904 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6152 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\WannaCry.7z"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=6336 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=1876 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=6196 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=7340 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=6176 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7552 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=7700 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=7784 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6172 --field-trial-handle=1932,i,6182843880851632609,14340456657595913768,131072 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\Password.txt

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\WannaCrypt0r.exe

"C:\Users\Admin\AppData\Local\Temp\7zO084B9434\WannaCrypt0r.exe"

C:\Windows\SysWOW64\attrib.exe

attrib +h .

C:\Windows\SysWOW64\icacls.exe

icacls . /grant Everyone:F /T /C /Q

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe

taskdl.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c 200161713870381.bat

C:\Windows\SysWOW64\cscript.exe

cscript.exe //nologo m.vbs

C:\Windows\SysWOW64\attrib.exe

attrib +h +s F:\$RECYCLE

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

@[email protected] co

C:\Windows\SysWOW64\cmd.exe

cmd.exe /c start /b @[email protected] vs

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

@[email protected] vs

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\TaskData\Tor\taskhsvc.exe

TaskData\Tor\taskhsvc.exe

C:\Windows\SysWOW64\cmd.exe

cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet

C:\Windows\SysWOW64\Wbem\WMIC.exe

wmic shadowcopy delete

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe

taskdl.exe

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe

taskse.exe C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

@[email protected]

C:\Windows\SysWOW64\cmd.exe

cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "dalefbvdgc332" /t REG_SZ /d "\"C:\Users\Admin\AppData\Local\Temp\7zO084B9434\tasksche.exe\"" /f

C:\Windows\SysWOW64\reg.exe

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "dalefbvdgc332" /t REG_SZ /d "\"C:\Users\Admin\AppData\Local\Temp\7zO084B9434\tasksche.exe\"" /f

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe

taskdl.exe

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe

taskse.exe C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

@[email protected]

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe

taskdl.exe

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe

taskse.exe C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

@[email protected]

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskse.exe

taskse.exe C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

@[email protected]

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\taskdl.exe

taskdl.exe

Network


Files


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 9229e96eb3008cb0a054c915d22ecc4d
SHA1 1da0594105298bd48dfd082d508a0482b0d1f55c
SHA256 c93410c53640bca12532d9091c5b244f1ecce760790c4eabac028bffb6afd527
SHA512 f1d9e50f69301dbe2b530ab1ad9cb5ea116cb1d80359972d24e24e11e96688c0432012e881d1e9bc838a30c3a7dd6c9b0123229e521e051d6d1b0a8ab242d2a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ed809260fc7eb2f0_0

MD5 9c5365c763f2c328d164fa2de2dc2c6d
SHA1 bc2fbefaeb87ac4d14dd76b0cb594c4f8fe905d9
SHA256 582e610f19ca86f193e9d7f96bd78d72f5a91a77fa5312590867ef5ad18581aa
SHA512 a00ecc08861eacadb48375af3b04917c7bebdbb609164cf402962a27808e16e09c6648bf6ca03650e40437940d304c480e206039be2da8034d7442b399fee26e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\31b167ab474d443a_0

MD5 d2f4d34d341502998037394ebb9c3b07
SHA1 5c9924725b18ed241ba8a361fa3c937efbab8cf1
SHA256 e49017d7d6a590bd5ba3694f90848b7b9d63b7530a4bd2aa0af9cd31646ddb28
SHA512 162e2994292056a57ea71343058df9cc3006adadb14fd263d724f8112f3704574cd0614567da40a16231177d209fb446e4df5a858d4c608a47a5add6fdec502f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 25a3382f20db29dda373559248dbc605
SHA1 3275d485bb1b9fb16e423216b57fbad011eb2104
SHA256 e4e6e0dbf1603234e5fdfd97e5d7446d4c512b5b24866af96167a421886d2eb1
SHA512 bd76ff19ad7fd5cba66e6f6b46503e61e147b242028f6f8c435e500ed9c0f78c9ff849f2daff4f10787cebc712bac116eb12a4c973447c0523c9dfe367ddac5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 24edf43fe24e0e2e7352dbf325da6d4f
SHA1 26b8244d8366e748da623305c3640f7067c3c22a
SHA256 26d41b24cbbeb3c94bcbb52078ba4604564b15244e1f7a519d835a46101a7db9
SHA512 9660c8e0aac4c9061c535ffc8058d999b614e891b00bb60de16ba80a4910c79525538875174c7a6cdf430676fdb403ae63be39d2cba81518bb82e48cccf4af64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

MD5 9710cde3d38a76df56cf9adece440563
SHA1 c679ea5750f01cdd1053919abd92ec25f9d1deb4
SHA256 a207f15e10cae584107f842ee848e13c5b20eaa91e37d12226640736206bfabc
SHA512 7bcad923486cf8bda05ec2bc81c161f27bd9c018f61cbad680e6c1b7a3806837eb2323dd06cb525ad332b217bd958d51676c40e4d89ada4670f6755c670b7ec1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

MD5 9dc7cc2e3937c67cb86ba20f2caba765
SHA1 b74cca12f74c08825ac701ea415f649c6468c94d
SHA256 63cdac15cad02a96ac9c3631764f41817197a2201ae2cfea8cb1596f792f5446
SHA512 6ae992b75da3bde6db3c5129fe6b1fc6b99b9d22cd4897a8f6ddd3c5490ec1ef3a7dc74c2c96cde36b54df0f0aecd79fdcaeac68fde316e7cb4e4d3c34ad9657

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 ed928afd595667ca0c2e222074643c7b
SHA1 eb65ff0930b350185db21bf8108141ec5426d086
SHA256 24034a9242fb7396709cfdfbf716986ddaf1316d2a72968ac9d6cc44a419db26
SHA512 8694414b56039669e1b4195fb1f0c4ff09dc23a1123abac9cd21fc5f8130c7b4f64f5364505cb04034fae1b564634dc91bfa9fe82002b63ff175f4affe612c66

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 7e932c178a1a2bbf09e8d3484b16d8c6
SHA1 be542e31d940563daf1b8530e076fd5d99ef2bb3
SHA256 05d0e53d62deba543a6847e8ac7a6dbc7c6d60b05e27eb1860f098bd26b33ff1
SHA512 31cb094efde12da21482828c0a577b6536b475a958c485dda9c54f46876befb790a24f1311399cdc1164fdff9989121e4fade3ab473df2d7c2c222bdb0391e53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033

MD5 c47cc95fcb6264eabc40a6f36a9d9c6f
SHA1 01f2f446ab8575d07fe75b0c6ed53f8e89378267
SHA256 8b607ec01cd668734d551d8e9c53f4a7337a0035308ee4f8efbd643897741d52
SHA512 6c578b08a8588e0f2a48b778584ea4ff86bfd4d3c94d5e8aac54afe0d852a2c1e0bf14ab96f131a71805dbbd2f1016bfdc3a29e1ddeeb7a08ab394848d6f9b97

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

MD5 227dbbba8424c549e6ea3287fd824b12
SHA1 bb1d4acf70dcc8bc4b879dbf9f268d49bceea1e4
SHA256 d31cdd0aa74bd8a93456303f90022888530fa328e92d30ffd9c804800462662d
SHA512 a6f55e1169f4b40e334aadfbc00d8aa46a150ddd1a06f171d6879169352df01a0209e16eee544021e263a7ec8023bc0779a99b7ce473767ef8b76a45cc23fc03

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 7df4db6cad8e834d79568d975dc6fe36
SHA1 69024f7bda88e74699bbfe6c9903b9c33a3f51ba
SHA256 ccff6d3629c6ddf19101273c5e29053d08a8db79c214594b20a782b1fc3101a1
SHA512 c10251f88930014025939ab973d650819a7196614a3f1d0befb9b630af14bac6b768d8ad47ea96bac4d2c862f1c74934224d01c2b8b87019b7cb7dfe24107fcc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 a4c226d5bac8343eac0fa246b6e811b7
SHA1 d6f8d9633a59196175d977292bf1d506f4b827b4
SHA256 ba0bc36b759b6fff74654baa95f03d82c56bb6cd4a60c12b651ff6340d22c479
SHA512 c8d8dc026214e4650d10b10f125f824e29923984d25dde97af162e9fe28aa8767c24108d5e1e006775d9c885db6d29d830b242447bc7d1b9be023981d8d0d8eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 a7358afd1b18140261185607d7465fb6
SHA1 1ce9bb02864c5eacd89e90f7de0f62e10d23aa14
SHA256 716d4104d8f0d550871d5fcb98f9603f4497fba2bea7272207f6c52b03d83b3f
SHA512 37789194520f888d511d856e49ff1d4c9387e4ea1f836ca466046abe2bfe74647a523d43485dcbd7c30124d1b46f41297bb61ef97cb2920013a847a05016aab0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

MD5 e35832a5490a5a4711c64b481c3c954b
SHA1 f103ac3764fd667a0b436750921e875471cee017
SHA256 05cc92514aa63fbe7b013454d779dbedbbd13125018fcfaddcfec846c00a33e8
SHA512 31aa6d2672796b6025803bbfc32c342e5574e664ac33c92ac19fe78428abb976d3ba589fc86393aa65b621983679af2af7246e280bc0148c0554817916f74bb4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old~RFe5cdb35.TMP

MD5 e973187a49c7548d096852bfeb2051e6
SHA1 5c299e0ea7dc254474395e6612a64d1ca9549e73
SHA256 094317417214f502fbf9651e94b7b4b6535db837c0e46fcdf79c2d6e5101dc03
SHA512 e90c63526178e09ff3461b299fc434bde69df1c3de7397026cc1abb205d1878fccc9a0c46e5d3ba41671b847d31aefd73c9460ad9817101850c62091ca7953af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c558fd3fb181e2ce154b40ca6ebc0052
SHA1 ab81d72fcca689af2f547bdd6b6358002c8ed93e
SHA256 228220e3772dbfa675e00d8fad3aa76f4c47f7acd2fca4165c2a652b31e44bb0
SHA512 f7fce187deefa8ff118d1d28cedf0b3f5befdd3fe1dd9cad64c57b77cbbf987d181c03d65fdda2bb850e71f29cd39dbe15385e4e37fcc9682007e7a40415f7d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 606c8e1a428c1620bff313a61fa406d1
SHA1 ec60530fe5154ebd4048e29ec2271b8322c63e56
SHA256 bf4374120a2c3dbfa4761fc42e895dad2fdf6b95f01705d3ee4f8306eb13f12c
SHA512 8ae2f71e87f5e0e63412c0e01b5990ade95f93ee75f8e2c657b1e0831898b0577a07db5daf693c2941662499e7d13346bd1144860192dda95a3f1a9929455306

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 eff683a9066b9a2c4c27df36ee852b26
SHA1 dacc0f27266384ca3ebc1b3ca1ef69469ad0e003
SHA256 7537702e7abac135cf4464ef24da9c89f6d728dc3f628152662b3173446de54e
SHA512 5e0b88fdcbaf68f5ef33fdcc28281dc05614e3ff11cade7b3f336bfeec3392d36bd58e18e080f97bb36457d342e2292a3611bb708ff5c8563eb7df6b83666eb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d0aed16611540d7a5b56dbf55bdaa545
SHA1 dd4970b6e38166edcf74fa64f6f96de9b9179b6d
SHA256 da27ec769f5e4b99b2fed5c205abbcda6929d7c758fe52bfc1c2d5da073cb870
SHA512 27bb48ee5b0be73fcd25da78fd5c59ff2ededd6bf2dfd7d15c5ca9187aed2d1f3cd1b779f6ad05138ed6e3552b3956b98f084fb1b214ce6dd0cf978309451ca0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000003.log

MD5 6851e0b25e0b247020833041ed16be33
SHA1 c6ae140af5af7f6e6c7a8810967c3055fd042480
SHA256 97ba9d8ed0eb93a9a0af641a127717ec34f620b773ec5f0d9bb332c72ef6f855
SHA512 4d7bc59b8454b8e991c9addbd9c14a7217279a0c4cea185f7125c366d324588beb001df3b775e6c2b700dc701e967fa58d31afb831ba4480d45ed47b1b1ba8a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5045b5e825017a568f25ef4d7a857a67
SHA1 29e52fd36d30dae43c59ff0d0c704688050bf403
SHA256 1d150a3627dd7f537a38375f6dd5a8a919dc82e03a26c425a9dc36d0e6b5ffa4
SHA512 fb91f5d789a2351d2360074db280c4d85819bfbb024edf89e5bd19a3a3245fa1629dc54e7b356c722760733ea0ece137c6052bd0f2caa57111a4bc2373b1824e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 cb9c7909603df546e7887a23de4cd246
SHA1 8fe6d45c89ac9a4dba96a4bdca29311151dd33e7
SHA256 9528809673bcd1da05c2c1c7381109b0f7947da091fd2e5845fc99c6b03b82cc
SHA512 86e9df079c302dce56047f9be1e7737696a6e0118a49e990af5024ba05c6c63396bc8d5dacba2bffded30bec1dbab4f6bb6c5c308e43513d4e6814ac4767ed44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ed1c207654eea0ce81514de4f407f4a3
SHA1 17db56cab3a4e088425a86e988778fa5103fa8ad
SHA256 6e05767fe5a0bbd10dd7bab832c496c635dbb7f695cc27411a3371092ae85c71
SHA512 820c659e1a9e58db13e9b5d3749f9b3c2a05beeaa890de88c888ef0cb54ff3218fa909e8ff7dda8f5afad82dd4ac40800c594211f4f5aff0c839f55ad095e04b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\LOG.old

MD5 b364d5fd74ab7b9d65da3de77025f442
SHA1 0552508a6565254a2ced3539c3eebdf4453df542
SHA256 5c626875cfcd65f15fe4ca4910d2854c8c80765101f68bebdc56beb4e876a103
SHA512 32fa464cb4f7d893298a5e2ab41501df5ab497f1ce41b1960d5456a89fd0408659797ebf784ea3bbf1a4882f9aefd9b10314ebab11be6fcabc2d4b172649356d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 56416619219333b003251cba88b4d71b
SHA1 f2d28d2c196582f0a6126df8c7fc50f5e0e293d2
SHA256 4483866bbae80f0418449f19f70f0f57f9325efa3b9eca3b2b20831f10ce3e53
SHA512 bf54c5fe05e7aad7dd1ebfdae7f3e2139454ecfe9aadac861fc393f47a9014badaba6ed0d05941d063598ad493d44d7b0822d66c32a6d8e5c485e1790fe57412

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0a4a63415dece2a99021cce91c38acf9
SHA1 31f8b71f185baa875f9def6725a8c70434ba65f7
SHA256 f7d305110a93deac961acd1d05b01592c83db418266bd4038ac69bc65f3199d2
SHA512 6b3e900d1a5b378e0b079dd5ca2edc4a4fd0b69ce5b5d2d8fb521a2b84bdc721dfe1bc516dfc3177749835cc1c8a3a18c7b420572449457e7d9f931f4f985efe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006a

MD5 f5bc40498b73af1cc23f51ea60130601
SHA1 44de2c184cf4e0a2b9106756fc860df9ed584666
SHA256 c11b6273f0c5f039dfef3bf5d8efe45a2ecf65966e89eeb1a6c2277d712ae9fb
SHA512 9c993ef3ec746cbe937bbe32735410257f94ceb6f734d75e401fb78dc2e3ab3b7d83c086086f0e1230dc8dafd5328f9af664341eb781c72e67c4d84d1f6c1112

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0e81f57ba01116d6ebd60791eb4d1966
SHA1 ec2551b988b1735ee0dc1e7eba9b7805b836c5c4
SHA256 045ff3f8662b12638a6cf0c60ffbb6abb57a4d680e5d64b8284fd8e91cbfe694
SHA512 4f67ce8116a010c71b0827c8df2598d1c66489af94ef76b58424d183d0e892067b3c62abb17beabdede9a41dacded4a39ea03c3dec44b371e95b3362eaeb20b7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 fc04295113e1a65f221b996f03c61f8d
SHA1 17e4f785e12b109ff9d0a41f91aedf206fcd9e8d
SHA256 bfbda5275c71538160f78450d341cb703cff77caef410c4018601dd58746015f
SHA512 4594988b15a89272f5cf96cd75fdb38b861ddeb89e0fe95ddcfd20e12b0366dcd83ac985513d6bac6bbfdc709a05f6b60a8e9facea63c72d50e5dfa4e546708f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 72960c2e999c95c46f448049b4dbc560
SHA1 54066eb3ef0e243b1609105ecb7e697439afd4f7
SHA256 82afddf87f6ecb7fc3f84725cf8fb5c107310453e12fc603e31200d0d80b6b66
SHA512 a65724bea189e611cce0d008c6944677a598570dc0eebc94675c54fe6ca9e1ab97a98d471600f2adaa4caa7ced899c1e1871dbd3f81f76f423c05c236c7ede88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7c3c7d6748c9ff5224c0369f4838fe32
SHA1 01e48c563a3e28febb52f262e037d1278073d09f
SHA256 8142e77df5ecb91bb8ae1373262ca13ac184e3278ed004dbe957dbf31bda7e18
SHA512 4150d9a2d60917a82ba12d3e051d04f7df513d5dd0f90a10ecc43b9116607c912b23a366adcd5c958d4e7d1922f5f9e5a753e3959d11734cf7630e72989b52ba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5e1d88.TMP

MD5 7dee6d13e7b275b9503b2ce697524336
SHA1 2f1be17130dd92d41adaa1a435399442f9f23cc7
SHA256 7050d5bdf7667d11fc96cddb223301d952cf95c8e8700c1b3cc3e2864bb82cd6
SHA512 0a9601cf40e302c5e56ec83ab740ac5d602995db7ab081d254c1a3e3e535332ad711381c80867a3914dc380df88b651519f5aaf624817e2d574c3a83e297c722

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 99cb6039ac94a59f1a736d8a0bdffad9
SHA1 dc042333bbc3493b7b6c877b84cb77dc5c4cdcd1
SHA256 13538ed67ea93d1828867e66639b7bc6d00c454986ec8a0776c13ac43e580aa4
SHA512 308655aa1da24b33d9df1404b2c2247b98936b9f1538ad45a177f48b4ae41dfde162e94097a1d35b4fdb8ee9fa33f09215511f6545866e6243480f6e045679bf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00006e

MD5 b7834ae987a248e3181fd3dab35e244f
SHA1 f09aa8b471fc9d3f02b18abc02f6bbff272e5423
SHA256 eecc688ed2db900401f394d85b64befae7ced6319af49678d5b104e1ee34f7d0
SHA512 67a89a3e7214119d14a9038f6e2b4930622d72c4e2f78c62df2c817f56334fe9f599e2d03698b63ae01b10d1709e966dbb7d081d7786e8a7fdeb5b15e2342fd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 b62ad683267903fac08acbb3369714f9
SHA1 176e0e6a8dc0f055908163e59919bac1381a3e2d
SHA256 d617313ad4ef152e2f587ebf0c7121de590c71cc68fef3ac9680550047de037d
SHA512 2532740a4fc4dcf0b077ab1d9741d7c1e69f19b2f974e3e9000d0bfc1a5ac8590618757a5b45d4995f60281ab23a4526dd6c9aaa3329ec367f78908819e9db18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3f8eb0eff578dcffd2dbf92f56eabe80
SHA1 2e613dc07dd9918f0517ec44db36fc0d69246a03
SHA256 a0a57344ec70a5adfa16fb70a9462f7a9cd86d3f4df7e95d47664f26d04e98a0
SHA512 e8f6245e61789c41cf07523c8c00917c4fe2eb8dc8bb7a50840103ad03d5e495f155b17993c65da78a99d70a7b506ccbf783790cd220f736335683a709ff0f19

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 d20c299b488b8d643b45da8d09a9d242
SHA1 deaab046f9bb1effcd4481825bafea30334456b3
SHA256 b83357ee7dc99adcf12236081087038f565978c3581e30ca551c25710a52d8d4
SHA512 32727954ee581b7e6954a31a1edc52594a07b8abe455d69f212bb1cad31a660b6bd47171bf497908d5a9b82f940dcb60f4f586521e62f72482901d57d99ff54c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 35117d2875d47f8cc38114113bc9466f
SHA1 d605c59162c01776d4f3c9b29b15ae4be6ddbf33
SHA256 5c2bef91a84d56afdcda0bdd8333815649e10248746d78da307a37bb1e70afb6
SHA512 2d32d74b6ba2a9370e392643c0d07109394e480aa85c798d9ef145211072e570b1a4c706bb136df39427beab6053a40c830c4e4763042c8e775179d7e48b4dfa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\68991a6d-a184-4799-b3e9-8ceada2f0e02.tmp

MD5 d9bc26f8687994dbb939808efb9976d6
SHA1 09a99b46b233c3caa37dc9d25bb65f6aa6b60010
SHA256 e549dc61151e78422b48e8d111a3401a37c80561eb87006b79f1768ce929fac5
SHA512 88d9354706970caa5f3abb9d55ee2ee53af957353de91cd7a24d09b7b1f6f0287f35e1f3340d1e11ebc3d133b508bee82f38775acde274357405a8cb786b8fac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 50d6c870135653c5bde7f5d1376278bf
SHA1 7808784cc7628c69efa2512dc8747fc3a179d772
SHA256 1ba14ad25049b6123abdf676e693e83f79e7ccf36a834eede837db8d7fc6c061
SHA512 4640a01e11f69ebbdb57eb6bb10011883067ed2a6e472559cd0f366660ed576bbddfe8f96b5013827100f925114634d18470ed5d2da50e232453df73e4337d1f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dfe2ae62ddbbd74420a215b9df742b6d
SHA1 d936485933c607620f2314591f120d424d685cf3
SHA256 503bd0389a24d210ef89454571bd52c63ed8aec2bb6530d7e240ed5f079f9eae
SHA512 7e54829cb0b7a1ee7b87bd7535c176acf5be3116eb9ac206c88ed8e90c8b69124bdee22c4df30fb0d7f36a28faa0862a8a215d2ab5cd687ed2e7736660b39242

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d7abde4b5d5df6dea0a29ae0b7f9e35e
SHA1 ddb637f0188f8413d35cc5d2e7cf45d3afebdfb6
SHA256 60f2b7207d6bf94851051d272820a321d7a34d207940e5bc8b8a7406f7a95b19
SHA512 0f9dd102c52cd29ca7ce703b186005418f339462162562a6b9e005363fb0b95d4c45c21f58576e7e1ddddb4eea05c0f1bc04dc8e9cd5ac46d6c21dc5273da075

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7536b3366c1a8ab3e95601f8627b8b64
SHA1 7ac2575cc744b61111e03a82cfbe0441bf4ffb6d
SHA256 a81cf7eef2afc9708d4e164cde154b02d2e1c0e077f5253c46c5edc0ee3653d4
SHA512 86902a23d06c6a2eb51a5f16e8bb213ad06a000cf8bb9fd2324c185b135e10b88a4887bac5f0ca21ec7e226c7eadf86be4884c24fd25918746b10d71f553fcd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 5951998ebd5943bf376ae901027a67ef
SHA1 3f05aab74b904d15f5b1e1b1c45fe14839dbc6c4
SHA256 93a3bfe17b615ade9abb6b89794e3f3fa2da9d08adcb62dac2002765a9c04a7a
SHA512 34c8adf80b5c3bc8de7a4f3991d4a87917fcf9944985a5edfc54578f1537aabd3429fb5083359505ed848f501eb7ea23f0fe00d73952814d780c3260c0d6d806

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b4015cb7dad565285de47de2c36e859b
SHA1 cb23a80f3c56cff2e62bffb6be048628ee67383b
SHA256 a60838797a72d5d2895b639a86f88dee7a20f6c049805ddd8fb1d71795719672
SHA512 1dec8adc0737a633e72da208515de9d62c1354dbbdba4641d09d43f340860ec0d72dad262b34b381b86e2241bf8250bd47154d7bbc3d302199b398b8e7fcf54b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f546e127e93587bb65587bbb2e790f8e
SHA1 330f8f9e6a862c4d1abb369cf118ed59e4320288
SHA256 4a7e27d55e6665d69e67b6b9d40fbc28794b67cd8f53c45c4f9c9065fdbe5f55
SHA512 84c522862e08923fa3181c02f6c2b5becbf16781a11f7fb112f7b75922623622cef8fb276aae38e6842cfb66f648a7396c23df8c56e20e52f57bb18fea3f8b04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7fe2775bc93f0247fbf016968f9ca14a
SHA1 fd8d349e31ea9ae43a857f86dc6fea80fb194130
SHA256 4ba293136ede8854d9c7c181627167c00921229ec15550ce55a8c363f5200aa7
SHA512 014205bd71537d5d994d700d3886e8a979140e3370973507fc128fb613ba1bb576235150bdf61f195635162c38a7027e7814387cdbcce6f6a58b457a538f1422

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4a32f3e58d9c2857faed49161c271520
SHA1 d741afd5d60136c464b0a518ccf04d1af4725f93
SHA256 3fe6bec340f51e8ebbd9d9f482b02b19b5211cfa72ae20181ca84ddbe76c8238
SHA512 1f179f02637140d216a8f74a03a51a2d8399af238ad9bac31e332e313fab3be9a9f3c24cc791377c18d31a78dc6806e424a9e6382e25f375749674c5256022b6

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 48b0b3aaa5862b91b510621b7d6a28b3
SHA1 4df8ad9461e9ee41110f555bd10cea70f631a8d9
SHA256 0d9f864743ae6af672ab56fb4eb1087747ed0f00f9d90e2652b77f06340454e0
SHA512 a92f453cf845bffc7857897353ce3113868b3a9021c1cfb8352088acd07b948d5882a4360a0228aae031aa0f8da0c20fe7f3da6747ea335162f022fd44a77664

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fd9ec02bc57c9d4fb2df5b900962ec45
SHA1 f86956d146b65d8ecf76236a6ae2ca42636299a7
SHA256 502a5244fdc9548e7a520b3e5c44cf3b5326a8430444b7f4a5d12de12fdf8344
SHA512 1475df1c81fa4b9d2fcd8ad465c70af2358fdf20b3f360db82fb5e017d006c972d80fe0fe6b7d0850a3b41b82acaeacbf32aae7f48513ebc5b2a1df11e7344b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 79d7b6a4c3f553b00c77a223148788f3
SHA1 dfdedd9973f0f5a4e03240280a08cd49c385b016
SHA256 854b3998a59265120aa109d1055587049a76468e52c466387a5889a52cb2ea5e
SHA512 b1f883f537471afcda530c1a725d71af75134d48789075e772ab07ca0c10a7b209d495af0b76edf01b9e87a52e2c8c4a600c8f83369847ede0cb7af41e56b49c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3fb22cab24384a1b05be1ca681880d57
SHA1 22a197dd8f17d83f368a2520cdce77ed1e3b16a8
SHA256 e747188b30ee98568030d0767846d8d0164e8aaecd22dd6a11111f26f1160ad1
SHA512 86fef21febdf6ddf15f25a8e126a4c624ebe3dc416fb3d74859d50253de99a11629471fd3ec1e085790ee14cee24360bc4a73a42e323d007ea692757f8f68ecd

C:\Users\Admin\Downloads\BonziSetup.EXE

MD5 f275f72b431dc3d3f066a4892d62de09
SHA1 6b246a62699697d0a11bb6e3a11fc85e9f1731b6
SHA256 f7167f506ddd2d76329f7a8d77f235491bb75ca5825fa5176e8a5cf612b0e053
SHA512 078b06ea93e6eb307894b2df577442240d900426832a2333c80f4b0d45fd97d28a471d67ef8126f8cd07cdc4829a13646cb105954d5a283aeebdbe5458b5ba5b

C:\Users\Admin\Downloads\Security Terms.txt

MD5 38686f4e4480b225cdb5e2b686b81948
SHA1 3479f46ab9dfb5864c9cee1d7c7062d6d1b16ea5
SHA256 b444de6c7d9ff3b1d90100b757045b3331ae7024cce13cef46e952d2fb2151ca
SHA512 1cd5b966759115a7176e513f4ecc7ab9e127450634a55ce2a702a745b4d2d4229b585b604251c90c0592b7b34f63fbbc4087cd1d92ce29c4a1683392d7ecb843

C:\Users\Admin\Downloads\WannaCry.7z

MD5 3d578d30f8947a0e4ca0b6e340c6f9d7
SHA1 d581d6caec9ebe4aef2e0d365c8163116d18383d
SHA256 6d8e3047582dfcece9e3284538ff46a16e1809de18b1a7543e2082ad0a009237
SHA512 ccca55db5214f271d94a6d24596f74ae08e0d5ab053b9fedce6670d817ca0cf9065a5db76216362045e0133e6644139e73c72129c165c337898594c5d385da37

C:\Users\Admin\Downloads\Password.txt

MD5 8c83214f1aaffc859430aba52265e564
SHA1 eb4e1de092bac5f908c0d2d3ea77c9c89f42ee5a
SHA256 b558f726038648032d89359abb03b53fd97057dd317a037e93080b00d174abd7
SHA512 2a627027874589a4447a6f5f6896558a2b63c6985dd585e0754aea4328b769b130b4bb35d6ad7b816e9ed973a74bdd85f6926aee2b75774dd891659e29998614

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dc5388b78d0541b25b1aa2953de31c1a
SHA1 1510052c1f98f7b9faa1442e234798be4b1802f7
SHA256 2345bb6d82975ccc8e27573044dbdb4bed2839317d3aad4547e2993053d1d558
SHA512 9d2149e5dce17ddf7f2e6bfa22475862f6fa4d0d61cc848cde01d3fbd4e4baeca1d22c116aa9b289ddab4d855f767b747dc4fe5ccee8e7dca11df77d9b8e78f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 04b143333e46504ae360f27e231ddf01
SHA1 a02afcf0434f97b148488c97f0bf058599f182d0
SHA256 0db12c12659fd26995bbf005f0d1872007d3872048f71fada3a21c8cea727b00
SHA512 addfc91908a5932a0052e1e02ce86262857e7c0e0358505129610f37ebf087148c28d1da42c2d230c16929ddb3197bf336aa19d87e34ce5ac79a29e3d194429e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9cb66506aad2cacba5ca41dff00cb151
SHA1 9a4b66df4befcf34eb3fa8020ba0809be4037443
SHA256 a4011b4a742042b2276b621354f9c6669130a91bea640c919efd82b95dda9874
SHA512 541dc2da000a1945671beeb0690cc57ef07ccefe285eee1574362b6f1dfc54d54d39f9bf3690b75243b4ca4102ea9be6f41f6bfb8472426f32dd597db548d27f

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\WannaCrypt0r.exe

MD5 84c82835a5d21bbcf75a61706d8ab549
SHA1 5ff465afaabcbf0150d1a3ab2c2e74f3a4426467
SHA256 ed01ebfbc9eb5bbea545af4d01bf5f1071661840480439c6e5babe8e080e41aa
SHA512 90723a50c20ba3643d625595fd6be8dcf88d70ff7f4b4719a88f055d5b3149a4231018ea30d375171507a147e59f73478c0c27948590794554d031e7d54b7244

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\msg\m_finnish.wnry

MD5 35c2f97eea8819b1caebd23fee732d8f
SHA1 e354d1cc43d6a39d9732adea5d3b0f57284255d2
SHA256 1adfee058b98206cb4fbe1a46d3ed62a11e1dee2c7ff521c1eef7c706e6a700e
SHA512 908149a6f5238fcccd86f7c374986d486590a0991ef5243f0cd9e63cc8e208158a9a812665233b09c3a478233d30f21e3d355b94f36b83644795556f147345bf

memory/4032-3133-0x0000000010000000-0x0000000010010000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 7dee743713309d8fdf1e6b33beac5e14
SHA1 6173f97e14f9c00173e1b17149901b46940a3cb4
SHA256 e8e1d1a5378b55742674857c2c9b582efde167ec2aa55cb2cebdbe0e896035a3
SHA512 9589c882a02f200939256bd200bb36438cb65ab593933564f22f98c7ac35752afaca69da464372a891d790120edd427e65a7e85491dda78df352142231bc449b

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

MD5 7bf2b57f2a205768755c07f238fb32cc
SHA1 45356a9dd616ed7161a3b9192e2f318d0ab5ad10
SHA256 b9c5d4339809e0ad9a00d4d3dd26fdf44a32819a54abf846bb9b560d81391c25
SHA512 91a39e919296cb5c6eccba710b780519d90035175aa460ec6dbe631324e5e5753bd8d87f395b5481bcd7e1ad623b31a34382d81faae06bef60ec28b49c3122a9

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\@[email protected]

MD5 f97d2e6f8d820dbd3b66f21137de4f09
SHA1 596799b75b5d60aa9cd45646f68e9c0bd06df252
SHA256 0e5ece918132a2b1a190906e74becb8e4ced36eec9f9d1c70f5da72ac4c6b92a
SHA512 efda21d83464a6a32fdeef93152ffd32a648130754fdd3635f7ff61cc1664f7fc050900f0f871b0ddd3a3846222bf62ab5df8eed42610a76be66fff5f7b4c4c0

C:\Users\Admin\AppData\Roaming\@[email protected]

MD5 23b45411367df7f539f3fa190c848276
SHA1 c40bdf1ff6ed6704a56d5fb24b44cb879100f2f0
SHA256 614760af221c643020a75c7e4b803e2e1debed2e2d4a220dec522a9283f36070
SHA512 426ded2544e21d48d86dcfcad3159d25b4202507cf6b3a14597e5d9939247c99cae0b8c352d9d47386573a10587bff798ea2a3f0096b962124ca472305ac990f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 d3dfc3fb5361a5cd6c1ed354aa983e33
SHA1 0fc390a9b9f85a8852147342f69be2faaa98ecbe
SHA256 52f560cf6829ca24c81b143c1270759f6e1d7ad67c447f6a25f47a9da346a382
SHA512 23d5d1198729f574af030d74fc9ca6ba892d744da3d4cb5944e7fdb26afb8a5f203338dd06c23c93f83be8d67c5e9bd0b11e12d1d789e2fdb9a95062ec08295e

C:\Users\Default\Desktop\@[email protected]

MD5 c17170262312f3be7027bc2ca825bf0c
SHA1 f19eceda82973239a1fdc5826bce7691e5dcb4fb
SHA256 d5e0e8694ddc0548d8e6b87c83d50f4ab85c1debadb106d6a6a794c3e746f4fa
SHA512 c6160fd03ad659c8dd9cf2a83f9fdcd34f2db4f8f27f33c5afd52aced49dfa9ce4909211c221a0479dbbb6e6c985385557c495fc04d3400ff21a0fbbae42ee7c

C:\Users\Admin\AppData\Local\Temp\7zO084B9434\TaskData\Tor\tor.exe

MD5 fe7eb54691ad6e6af77f8a9a0b6de26d
SHA1 53912d33bec3375153b7e4e68b78d66dab62671a
SHA256 e48673680746fbe027e8982f62a83c298d6fb46ad9243de8e79b7e5a24dcd4eb
SHA512 8ac6dc5bb016afc869fcbb713f6a14d3692e866b94f4f1ee83b09a7506a8cb58768bd47e081cf6e97b2dacf9f9a6a8ca240d7d20d0b67dbd33238cc861deae8f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 655069fbf8d7477ea5948c12c30cf4fb
SHA1 4749e937a4146140f53c62597275ababba098aa2
SHA256 d6d55a53b7df3afed4975ed20415f2a798a29786097b5ff220bf66b698341bf3
SHA512 115e16165be79cbecc39ba2a61f620a34132d59a892accae520a53034e89de9b9a86eea91e6b18ae503b656e558a7c7636bf92fb56f3487ab9cc0dd47a7f1d26

C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new

MD5 4340a1034ac15897858ff458e171b95b
SHA1 e050fa1cfefe3625d05fe80e4749f93989746c2f
SHA256 89f89d5fa001d72a200b2b59026f9c2149fd8fbde4b7402e006147f2bcd3f033
SHA512 dfbfd54ac56d7b3e0d6db7a8831a193d6a36903baaf973317439cd430edda2a9f80cfb4d8a00eb6742cadd198dfbf2baeccbd6739b083e2ff5956ec4871e65a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e92bfa97950458189c0910a032f98b42
SHA1 683094484a1652f8f40ccce7302588aa20f14001
SHA256 f3e497beacd17044b28888629624acd38bec7272a4e7718dac735cedeb80acde
SHA512 350df287b54da8073911683f57cfbbb9e35d4513ea70cc4edb906900f8d72d656f2faf97b26ce114cb70b9c053fe92cf8ca7c4701ec0ce22c2c4e1cc7f35eb43