Malware Analysis Report

2024-10-18 22:19

Sample ID 240423-nc5qvsff5t
Target poster copy.jpg
SHA256 59a5632736ce0a74810969b57eedc5b27d24b7867393cb92c37d1b1591b6be81
Tags
qr link
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

SHA256

59a5632736ce0a74810969b57eedc5b27d24b7867393cb92c37d1b1591b6be81

Threat Level: Shows suspicious behavior

The file poster copy.jpg was found to show suspicious behavior. The sample is an image: the behavioral run launched it through cmd and the system opened it in Chrome, and every behavioral signature below is attributed to chrome.exe. The sample-specific indicators are the HTTP URL carried in the QR code, the contacts to camo.githubusercontent.com and drive.google.com, and the two downloaded .rar files that received a Zone.Identifier stream; the privilege-token, memory-write and tray-window signatures are the browser's own activity.

Malicious Activity Summary

qr link

Legitimate hosting services abused for malware hosting/C2

Enumerates physical storage devices

One or more HTTP URLs in qr code identified

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

NTFS ADS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-04-23 11:16

Signatures

One or more HTTP URLs in qr code identified

qr link

Analysis: behavioral1

Detonation Overview

Submitted

2024-04-23 11:16

Reported

2024-04-23 11:46

Platform

win11-20240412-en

Max time kernel

1487s

Max time network

1498s

Command Line

cmd /c "C:\Users\Admin\AppData\Local\Temp\poster copy.jpg"

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A drive.google.com N/A N/A
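The static signature ("One or more HTTP URLs in qr code identified") and the hosting-service contacts in this table are the sample-specific indicators of the run. The Python script below, added here as an example and not part of the sandbox report or its tooling, takes a decoded QR payload and classifies the URLs in it: cleartext http, hosts on legitimate services routinely abused for payload hosting (seeded with the two hosts from this table), raw-IP hosts, and archive or executable paths. QR decoding itself is left to an image library; the payloads in the block are constructed, and the suffix list is an assumption.

```python
"""Triage of URLs recovered from a QR code.

Added example (not part of the sandbox report or its tooling).  QR decoding
itself needs an image library; this block starts from the decoded payload
text, which is constructed below.  The host names in ABUSED_LEGIT_HOSTS are
the ones the behavioral run contacted; everything else is an assumption."""
import re
from urllib.parse import urlsplit

# Legitimate services seen in the report's network signature.  A hit means
# "legitimate host, inspect the object it serves", not "malicious host".
ABUSED_LEGIT_HOSTS = {"drive.google.com", "camo.githubusercontent.com"}

# Payload-type suffixes worth a second look when a QR code points at them
# (assumed list, extend as needed).
PAYLOAD_SUFFIX_RE = re.compile(r"\.(rar|zip|7z|iso|exe|scr|msi|js|vbs|lnk)$", re.I)

# QR payloads are free text (URL, vCard, WIFI:, prose), so URLs are located
# by pattern rather than by assuming the whole payload is one URL.
URL_RE = re.compile(r"""(?i)\b(?:https?://|www\.)[^\s<>"']+""")


def extract_urls(payload: str) -> list:
    """Return every URL found in a decoded QR payload."""
    urls = []
    for match in URL_RE.finditer(payload):
        url = match.group(0).rstrip(".,;:)]")      # trailing punctuation from prose
        if url.lower().startswith("www."):
            url = "http://" + url                    # scheme-less QR links default to http
        urls.append(url)
    return urls


def classify_url(url: str) -> dict:
    """Attach triage findings to one URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower()
    findings = []
    if parts.scheme == "http":
        findings.append("cleartext-http")
    if host in ABUSED_LEGIT_HOSTS:
        findings.append("abused-legit-hosting")
    if re.fullmatch(r"\d{1,3}(?:\.\d{1,3}){3}", host):
        findings.append("raw-ip-host")
    if PAYLOAD_SUFFIX_RE.search(parts.path):
        findings.append("archive-or-executable-path")
    return {"url": url, "host": host, "findings": findings}


def triage_qr_payload(payload: str) -> list:
    """Decoded QR text -> list of per-URL findings (empty if the code has no URL)."""
    return [classify_url(u) for u in extract_urls(payload)]


if __name__ == "__main__":
    # Constructed payloads; the real sample's QR content is not on the page.
    samples = [
        "Event poster: https://drive.google.com/file/d/EXAMPLEID/view",
        "WIFI:T:WPA;S:guest;P:secret;;",
        "http://203.0.113.5/payload.rar",
    ]
    for sample in samples:
        for finding in triage_qr_payload(sample):
            print(finding)
```

Run it on the text your QR decoder returns. An empty result means the code carried no URL at all (a Wi-Fi or contact payload), which is itself worth recording, and an "abused-legit-hosting" finding should send you to the served object, not to the host.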

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133583445883150005" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\BUG32.rar:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\BUG32 (1).rar:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
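The two Zone.Identifier rows above are Chrome writing Mark-of-the-Web onto downloaded archives, which is where a download's origin survives after the browser history is gone. The Python block below, an added example rather than anything from the report, parses that stream and, on a Windows host, reads it straight from the file. The stream text in the block is constructed to the [ZoneTransfer] layout browsers write (ZoneId, ReferrerUrl, HostUrl) and is not taken from the sample.

```python
"""Recover a download's origin from its NTFS Zone.Identifier stream.

Added example, not part of the sandbox report.  Chrome marks each download
with a [ZoneTransfer] stream carrying ZoneId, ReferrerUrl and HostUrl; the
stream text below is constructed to that layout and is not the sample's."""
import configparser
from typing import Optional

# URL security zones as numbered by Windows (URLZONE_*).
ZONE_NAMES = {0: "LocalMachine", 1: "LocalIntranet", 2: "TrustedSites",
              3: "Internet", 4: "RestrictedSites"}

# Constructed sample stream (CRLF line endings, as written on Windows).
SAMPLE_ZONE_IDENTIFIER = (
    "[ZoneTransfer]\r\n"
    "ZoneId=3\r\n"
    "ReferrerUrl=https://drive.google.com/\r\n"
    "HostUrl=https://drive.google.com/uc?export=download&id=EXAMPLEID\r\n"
)


def parse_zone_identifier(text: str) -> dict:
    """Parse the INI-style stream content into a small dict.

    Only '=' is accepted as a delimiter so that ':' inside URLs is not
    mistaken for one; interpolation is off so '%' in URLs is left alone."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.optionxform = str                     # keep ZoneId / HostUrl casing
    try:
        cp.read_string(text)
    except configparser.Error as exc:
        raise ValueError(f"not a Mark-of-the-Web stream: {exc}") from exc
    if "ZoneTransfer" not in cp:
        raise ValueError("no [ZoneTransfer] section: not a Mark-of-the-Web stream")
    section = dict(cp["ZoneTransfer"])
    try:
        zone_id = int(section.get("ZoneId", ""))
    except ValueError:
        zone_id = -1                         # key present but malformed
    return {
        "zone_id": zone_id,
        "zone_name": ZONE_NAMES.get(zone_id, "Unknown"),
        "host_url": section.get("HostUrl"),          # final download URL
        "referrer_url": section.get("ReferrerUrl"),  # page the download came from
    }


def is_internet_download(info: dict) -> bool:
    """True when the mark says the file came from the Internet zone."""
    return info["zone_id"] == 3


def read_zone_identifier(path: str) -> Optional[dict]:
    """Read and parse <path>:Zone.Identifier from disk.

    Only meaningful on NTFS under Windows.  Returns None when the stream is
    absent (file never marked, or the mark was stripped), when it is not
    parseable, and on any OS that cannot address alternate data streams."""
    try:
        with open(path + ":Zone.Identifier", encoding="utf-8", errors="replace") as fh:
            return parse_zone_identifier(fh.read())
    except (OSError, ValueError):
        return None


if __name__ == "__main__":
    print(parse_zone_identifier(SAMPLE_ZONE_IDENTIFIER))
    # On the sandbox host the call would be:
    # read_zone_identifier(r"C:\Users\Admin\Downloads\BUG32.rar")
```

A missing stream on a file that the browser log says was downloaded is a finding of its own: either the file was written by something other than a browser or the mark was removed afterwards.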

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Occurrences
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Occurrences
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 41

Suspicious use of WriteProcessMemory

Description Indicator Process Target Occurrences
PID 3132 wrote to memory of 5040 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 3132 wrote to memory of 3832 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 31
PID 3132 wrote to memory of 1556 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 3132 wrote to memory of 2496 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 29
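Every row in this table has chrome.exe on both sides and PID 3132 as the writer, which is consistent with the browser process initialising its own child processes rather than injecting into a foreign one. The Python block below, added as an example and not part of the report, collapses such rows into per-pair counts and keeps only writes that cross an image boundary. The sample rows are constructed in the report's column layout; the chrome.exe rows mirror the pattern on this page, and the final stage2.exe row is invented to show what a cross-image hit looks like.

```python
"""Collapse 'wrote to memory of' signature rows into process-pair edges and
flag writes that cross an image boundary.

Added example, not part of the sandbox report.  The rows below are
constructed in the report's column layout; the chrome.exe rows mirror the
pattern on this page, the stage2.exe row is invented for illustration."""
import ntpath
import re
from collections import Counter

# "PID <src> wrote to memory of <dst> <indicator> <process path> <target path>"
ROW_RE = re.compile(
    r"^PID\s+(\d+)\s+wrote to memory of\s+(\d+)\s+(\S+)\s+(.+?\.exe)\s+(.+?\.exe)\s*$",
    re.IGNORECASE,
)

SAMPLE_ROWS = r"""
Description Indicator Process Target
PID 3132 wrote to memory of 5040 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3132 wrote to memory of 5040 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3132 wrote to memory of 3832 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4100 wrote to memory of 612 N/A C:\Users\Admin\AppData\Local\Temp\stage2.exe C:\Windows\explorer.exe
"""


def parse_rows(text: str) -> list:
    """Turn signature-table lines into dicts; header and foreign lines are skipped."""
    rows = []
    for line in text.splitlines():
        match = ROW_RE.match(line.strip())
        if not match:
            continue
        src_pid, dst_pid, _indicator, src_image, dst_image = match.groups()
        rows.append({"src_pid": int(src_pid), "dst_pid": int(dst_pid),
                     "src_image": src_image, "dst_image": dst_image})
    return rows


def _image_name(path: str) -> str:
    # ntpath handles backslash paths on any host OS.
    return ntpath.basename(path).lower()


def summarize_edges(rows: list) -> dict:
    """{(src_pid, dst_pid, src_image_name, dst_image_name): occurrence count}"""
    return dict(Counter(
        (r["src_pid"], r["dst_pid"], _image_name(r["src_image"]), _image_name(r["dst_image"]))
        for r in rows
    ))


def cross_image_writes(rows: list) -> list:
    """Rows where writer and target run different images.

    Same-image writes (a multi-process application's parent feeding its own
    children) are expected; cross-image writes are the ones that look like
    injection and deserve a closer look."""
    return [r for r in rows if _image_name(r["src_image"]) != _image_name(r["dst_image"])]


def writer_pids(rows: list) -> set:
    """Distinct PIDs that performed writes (one value here: the browser parent)."""
    return {r["src_pid"] for r in rows}


if __name__ == "__main__":
    rows = parse_rows(SAMPLE_ROWS)
    for edge, count in sorted(summarize_edges(rows).items()):
        print(count, edge)
    for hit in cross_image_writes(rows):
        print("cross-image write:", hit)
```

Feed it the whole signature table of a report; the summary shows at a glance whether all writes come from one parent into same-image children, and the cross-image list is empty for a run like this one.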

Processes

C:\Windows\system32\cmd.exe

cmd /c "C:\Users\Admin\AppData\Local\Temp\poster copy.jpg"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffb99ddab58,0x7ffb99ddab68,0x7ffb99ddab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1508 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2176 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3148 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4168 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4172 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4460 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4532 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4720 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4836 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3500 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4720 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4828 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4828 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5232 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5408 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2764 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5772 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5860 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5988 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4212 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=1200 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4468 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5088 --field-trial-handle=1800,i,2317836693814460692,17087524644237368404,131072 /prefetch:2

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

Network

Country Destination Domain Proto
GB 216.58.213.4:443 www.google.com udp
GB 216.58.213.4:443 www.google.com tcp
GB 142.250.180.14:443 www.youtube.com udp
US 8.8.8.8:53 4.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 216.58.212.206:443 www.youtube.com udp
GB 216.58.212.206:443 www.youtube.com tcp
GB 172.217.16.246:443 i.ytimg.com tcp
GB 172.217.16.246:443 i.ytimg.com tcp
GB 172.217.16.246:443 i.ytimg.com tcp
GB 172.217.169.46:443 www.youtube.com tcp
GB 172.217.16.246:443 i.ytimg.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
GB 142.250.200.6:443 static.doubleclick.net tcp
GB 142.250.179.226:443 googleads.g.doubleclick.net tcp
GB 142.250.200.10:443 content.googleapis.com tcp
GB 142.250.200.10:443 content.googleapis.com udp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 140.82.113.22:443 collector.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
US 185.199.111.154:443 github.githubassets.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.178.1:443 drive.usercontent.google.com tcp
US 157.245.113.153:443 tiny.cc tcp
US 157.245.113.153:443 tiny.cc tcp
GB 172.217.169.46:443 www.youtube.com udp
GB 142.250.178.14:443 play.google.com tcp
GB 142.250.200.3:443 ssl.gstatic.com tcp
GB 142.250.200.3:443 ssl.gstatic.com tcp
NL 173.194.69.84:443 accounts.google.com udp
GB 172.217.16.234:443 content.googleapis.com tcp
GB 172.217.16.234:443 content.googleapis.com udp
GB 142.250.187.202:443 content.googleapis.com udp
GB 142.250.178.14:443 play.google.com udp
GB 216.58.204.74:443 content.googleapis.com tcp
GB 216.58.204.74:443 content.googleapis.com tcp
GB 142.250.180.1:443 lh3.googleusercontent.com udp
GB 216.58.204.74:443 content.googleapis.com udp
GB 142.250.187.206:443 docs.google.com tcp
GB 142.250.178.14:443 play.google.com udp
NL 173.194.69.84:443 accounts.google.com udp
GB 172.217.16.234:443 content.googleapis.com udp
GB 216.58.204.74:443 content.googleapis.com udp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com udp
ID 142.251.221.131:443 beacons2.gvt2.com tcp
ID 142.251.221.131:443 beacons2.gvt2.com tcp
ID 142.251.221.131:443 beacons2.gvt2.com udp
NL 173.194.69.84:443 accounts.google.com udp
GB 142.250.180.14:443 www.youtube.com udp
GB 142.250.179.238:443 google.com tcp
GB 142.250.180.14:443 www.youtube.com tcp
NL 173.194.69.84:443 accounts.google.com tcp
US 34.161.115.43:443 e2c65.gcp.gvt2.com tcp
BE 35.240.1.200:443 e2c14.gcp.gvt2.com tcp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.210:443 api.github.com tcp
GB 172.217.169.46:443 www.youtube.com udp
GB 142.250.178.1:443 drive.usercontent.google.com udp
GB 142.250.200.3:443 ssl.gstatic.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 192.178.48.227:443 beacons.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 192.178.48.227:443 beacons.gvt2.com udp
GB 20.26.156.210:443 api.github.com tcp
GB 142.250.178.14:443 play.google.com udp
NL 23.62.61.88:443 www.bing.com tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 88.156.103.20.in-addr.arpa udp
US 8.8.8.8:53 54.120.234.20.in-addr.arpa udp
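Most rows in the table above are traffic a Chrome session on this Windows 11 image generates by itself (Google telemetry and ad endpoints, Bing tiles, safe-browsing beacons, PTR lookups of its own peers). The following Python script, added here as an illustration and not part of the sandbox output, classifies the rows so that only the destinations the QR-code link drove the browser to remain. The background suffix list, the user-content host list and the shortener list are the script's own assumptions, not something the sandbox provides; the sample rows are copied from the table.

```python
"""Triage of the Network table: separate the background traffic a Chrome
detonation on Windows 11 produces by itself from the destinations the QR-code
link actually drove the browser to.

Added example written for this report; it is not output of the sandbox.
Assumed: the BACKGROUND_SUFFIXES, USER_CONTENT_HOSTS and SHORTENERS lists,
which are this script's own baseline. NETWORK_TABLE holds rows copied from the
table above, including the mDNS row that has no domain column.
"""
import re
from collections import Counter

NETWORK_TABLE = """\
GB 216.58.213.4:443 www.google.com udp
US 8.8.8.8:53 4.213.58.216.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
GB 20.26.156.215:443 github.com tcp
US 185.199.108.133:443 user-images.githubusercontent.com tcp
GB 142.250.178.1:443 drive.usercontent.google.com tcp
US 157.245.113.153:443 tiny.cc tcp
US 157.245.113.153:443 tiny.cc tcp
US 192.178.49.163:443 beacons.gcp.gvt2.com tcp
NL 23.62.61.88:443 www.bing.com tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
GB 142.250.187.206:443 docs.google.com tcp
"""

# Assumed baseline: domain suffixes the browser and the sandbox image contact
# without any help from the sample (telemetry, ads, safe-browsing, PTR lookups).
BACKGROUND_SUFFIXES = (
    "google.com", "googleapis.com", "gstatic.com", "gvt2.com",
    "doubleclick.net", "youtube.com", "ytimg.com", "googleusercontent.com",
    "bing.com", "bing.net", "in-addr.arpa",
)
# Hosts under a baseline suffix that serve user-uploaded content and therefore
# can still be where the payload lives (assumed list).
USER_CONTENT_HOSTS = {
    "drive.google.com", "drive.usercontent.google.com", "docs.google.com",
}
# Public URL shorteners (assumed list): a hop that hides the real destination.
SHORTENERS = {"tiny.cc", "tinyurl.com", "bit.ly", "t.co"}

ROW_RE = re.compile(
    r"^(?P<cc>\S+)\s+(?P<ip>[\d.]+):(?P<port>\d+)"
    r"(?:\s+(?P<host>\S+))?\s+(?P<proto>tcp|udp)$"
)


def parse_rows(text):
    """Return one dict per well-formed row; the domain column may be missing."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if m:  # header lines and junk simply do not match
            row = m.groupdict()
            row["port"] = int(row["port"])
            rows.append(row)
    return rows


def is_background(host):
    """True for traffic attributable to the browser/sandbox rather than the sample."""
    if host is None:  # multicast / mDNS rows carry no name
        return True
    if host in USER_CONTENT_HOSTS:
        return False
    return any(host == s or host.endswith("." + s) for s in BACKGROUND_SUFFIXES)


def ptr_to_ip(name):
    """'4.213.58.216.in-addr.arpa' -> '216.58.213.4'."""
    labels = name[: -len(".in-addr.arpa")].split(".")
    return ".".join(reversed(labels))


def triage(text):
    """Return (Counter of sample-driven hosts, shorteners seen, IPs reverse-looked-up)."""
    interesting, shorteners, ptr_targets = Counter(), set(), []
    for row in parse_rows(text):
        host = row["host"]
        if host and host.endswith(".in-addr.arpa"):
            ptr_targets.append(ptr_to_ip(host))
            continue
        if is_background(host):
            continue
        interesting[host] += 1
        if host in SHORTENERS:
            shorteners.add(host)
    return interesting, shorteners, ptr_targets


if __name__ == "__main__":
    hosts, short, ptrs = triage(NETWORK_TABLE)
    for host, n in hosts.most_common():
        tag = " (URL shortener: resolve the redirect)" if host in short else ""
        print(f"{n:>3}  {host}{tag}")
    print("reverse lookups for:", ", ".join(ptrs))
```

What survives the filter is the chain a QR-code lure typically produces: a shortener (tiny.cc), a code-hosting page (github.com, user-images.githubusercontent.com) and a file-hosting download endpoint (drive.usercontent.google.com). The shortener's real target is only visible in its HTTP 3xx response, which this table does not record, so it has to be resolved separately; the PTR lookups are Chrome resolving names for its own connections and carry no sample-specific information.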

Files

\??\pipe\crashpad_3132_ERVGDAIFOEGHXICM

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 26d2f7c0d6ba4f1b118e036c74208578
SHA1 bab7346036c08e5fe994463ecc63cd55275a8150
SHA256 4e0c14a16a08f8cad745d26daab8c0864d0c1040ce19dc0c631c99b4e4d9c1cb
SHA512 bc2d2a418a3f64cc8b5006637f281a7ca39a7264aea18e65b68dc0abf9014d2422c66b73b9830fbc8157751b8dfa8222013bd4f2efc52adc6073412ff51b6305

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3c724e232eb601ef9802e49b26983bda
SHA1 6e6647b1c834e16d1dc6fc84183fcc92cf202448
SHA256 6638041f0efeb1dd58c18973b953ab4e19e6f7fbb0953789d5818ea1299d9155
SHA512 994ca5106d38aaa492a732a448a6ab8584f1909348cc04d090c62a90b0a4ce22ba1b3bc26954834b50028336555c552a9365bcadbd087ca19c0698eb1bb921ac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a076eee502514d8782c3b8162c802e23
SHA1 431c15009f7eb1d8050f2cd5b7f23a8ed46891c1
SHA256 02297a199d1b4183f216efe62a59a2473992615a668e90d6036a69b4df941807
SHA512 b09296fe9fdfab1d98784826cd0088714ef98c1cc07fc84ea45d967d17c66fed9f93657f34f9390bf87600d53d3700f11a4cd5acba3067ed623c31c0b1be52f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 ba7c13c16e47d6e899be94582cc73ee9
SHA1 9482856a3c320c18379189ee685c6fbbd22662e6
SHA256 590581dc1e32e6f324d15bfd02544737b46c297aba6db1e545934da197e63652
SHA512 539bba869e16552ce0eaf77a28456394a34be6d7b509e4a21e5bcb4c47dec80ea661e622f978729733b6af12eb6819ad7e5aec1adc3d2cd99eca5a34ec92b7a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 ae1bccd6831ebfe5ad03b482ee266e4f
SHA1 01f4179f48f1af383b275d7ee338dd160b6f558a
SHA256 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649
SHA512 baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57a9fb.TMP

MD5 307567e084a54a67d95874a5a5f7a946
SHA1 1ee6871b730967daebd785f2919c6d370c4a72a9
SHA256 326fccdc9cce54a404bddb04155dbeba06d0981dbe09c0a631fd7ac67c9e2a3e
SHA512 ac8a635e81907ed4a17834565720b9be69654a3ab6ec43725003ad6f50c0302811f073f22cc0eccc5bc2c330f59fd90aad598bb2492b90e83e7b6a5b36a63caf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a7a14b8f1269149ac7b34c76147f9d5b
SHA1 3e13012e52ed8c678c72c73ce66a356bf2feda93
SHA256 2179f677bbd3366d608be20bbf0522cbf67d3f3dc8ca42dc694b5da9a5f9c21d
SHA512 773a15a01b3fcf0babde67046de4d88f2060d3a803a867ab063466ae5e41e6fba38797b8b659de127060992013d537611079bca808e82eca8d923a2ebfed790c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ed2e8b24df905da070a3efb44434d87
SHA1 deba3f28171951ebdbcb99797b6c764fb4eece48
SHA256 b308dd41ebc8812a654f3e0f438092dcfb2bde952ecea426779ad0bbb4e072af
SHA512 d9fe3337f8e1f9930f823cbfb86753f0e2cced018f04ea003dd1987c8047358168d0113370365ffc3d63d6660b47a8c61fab1e9717d1ed6492c43f0dbba0d943

C:\Users\Admin\Downloads\BUG32.rar.crdownload

MD5 bb3451472e92540643074f3046a58288
SHA1 709f6cf0c6504dd2052ab7fc7f67e0230f77a203
SHA256 0b1d32d337881347c6451823ac5469568e8ed4f46692f50b52d70391ebfb672e
SHA512 a4a3035c21bb1eabc71ace4b67b015d15f839168fb8bca1b9528a35b2effc0c95b78b31edc2c54ceb52a3a3d8cf3797280c556ebe6912b7805d77dcf1eb8592c

C:\Users\Admin\Downloads\BUG32.rar:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000031

MD5 4b419751b95602190e663dcfb4397186
SHA1 584625bb902af71e0d551a72995cce18736bf738
SHA256 566e5021669d6f9d13f9af0fc133ffdb0d2f7b5ad5698aecbbfe1de1c9751ba2
SHA512 60d3976779651bf7652fe6e5e9bf2ed251439ee04a891d3dd5112cac2b7ae6b70cd7cc7a49cf2b71931a3308ebdf945a5254d60a6789ebbbcc749ea2742d0eeb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f433.TMP

MD5 373f6044a2c5bee805145a7642506c58
SHA1 dcdbccefc581b6d34a01544c3a9b7efe46c895ec
SHA256 0ff82acd85cedb6c6a978e0e02e9386e97773209fb9d48d4b3452e91885c93a6
SHA512 a674ed0845a6e05903093445f4260eee259304d94e62bea5ff392e88ac8c0fb7ec3cc115714972ad69bf85d2a317a4081a79c076769080fba1b5f79280f1f331

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 1e0ef8365186543207e64b6765480287
SHA1 70da4f1406cd066c19a210977759d05d680a62f6
SHA256 b8cbd47e2a33b685182696f0af823d1b6292395017ae27bc25531ab9a01da5a9
SHA512 9d0c14feb9424f547d83029b6eb2b87d93ab912f5a798a000d852b84fc67d31ebc18d514b1288f819e7f967d36de882d505ed5e74ab157f50f8e12a9859e05eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a5726baedf0829e4d30f860c3d4a6b46
SHA1 8c205a811b4667c8eda88f09d4c67d1d0353c4c4
SHA256 1826277506ae487f1a4f23bc580a694fa8e915ed5616f4572fa79825a3187ba4
SHA512 670e79899cb05187c9be826907ed1d6c3f0c688afdc83a68cbe8c728b4ddbce392c98460afbcdc0e22bd59da521186d17cd1e999d82462a51b62b25e1260dcd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f4aa21b7d181decd56670966e9cda336
SHA1 14bb950de825845457649b91a6111f372c7bf2eb
SHA256 c30fcd996ecc6f9a2db1b46566b9744c43ceb602d7871a40f88220d18296da24
SHA512 3caea9e79e276ab9113a5413c0baed49626423c1c06740b2ceffaf17a75639571aceba36911743303746bae3ba2c17dc8dedf650b4592bba3301575b6e95f0d4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e6768400062b0976a730d17c38d413cb
SHA1 6261c48c848e72fe39cb46944017f3618b3095bf
SHA256 b031a6caffe59716037c2a5c7243b1c6ea902f27e403735c8076776123355835
SHA512 aec92d29c88cd259d04ff52adb50f3d7868ddbacfa53d24fb2e83141cea754a2ab47eb8841bfe75fca256f610e5491c5f9333282a2701fc270afff939d8cf449

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 86d3bc380e0d9beb9a74b82cdafa7118
SHA1 9efe02d9fc4a9c8495cbafaf1ed5256abdb90b09
SHA256 d2726e25a3c9159f3e7d15bbb73c75459e06f42c252518233fdf55e5c67a4677
SHA512 eadfc592462086a2056055d58e66d749eb05b5103138df946d6e113ebcad761920f3d592592fa6cbdbdf976c6c1a051834021c60b93b023b187aefe3b24d4e6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1b7f0cd307f0a74820920bbe7426a1cb
SHA1 79907640eb2272574c93a3d25dd1232540d582b8
SHA256 482a04d47346fe796bd26c888098666484252f115453fef970349efe5f3c3510
SHA512 0b5aa655de4142359343d05adea372e0f9dd6c314a3e37c2525727254e3ae19b41e50815d7f73a22eec346c3a98fb0ba3821f711855db19f361eaff6e8cb5096

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 040d4e1c8c66e7c58d8417153871fef5
SHA1 f2f913e589bf864277b7547a1389981e9b13a202
SHA256 597e347cba9c1f4639362e230820688638557efc9549190efed1ee7cf5bde8d2
SHA512 562d4dd103dab3666900c079c87ac69012e5229b7d9614bb8b0c52e9249575f5458bee846856b47f0157c81a146fd16c3c09c20c2989f3cb066bb05091d0d347

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 320b69fb09ddef7dc4b23e06f6af59b6
SHA1 a2cd05681699243eee6eaec1baca8f71148a358c
SHA256 451dfad8682f9b782c15abff0c7e4cc96d5d261906a8e71dc07f32dab15f8126
SHA512 063d385122700de7c9e43d4c68135dd7dca27dd543b516967bc0d79bf6cc892eef0266453e18b914ae6226782b397d76d68294177ebc8409e5ddd02c89ef1d5a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c54e8aab54d1f403fd2aeefe1df7dd39
SHA1 a68a6d7ae0b369b2c5277436ac55b1c1ca991521
SHA256 aa158b35efabb3936ff4c2c217bf5b16d070a0ebe4c7299f359ed3c0a0169721
SHA512 16164f07d68dd607edf92b1e4638f3264dd5f52992d3673b97df6647e94035307416c53b63732805cb8b4b45b805ba66d743719970c2b79c83dd59a0c2c9e8f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ac7cac3fb0fc6d34cea6a78ff04b23f0
SHA1 9f21b5792eb27a2eecafaeb65306b49c66cb90e6
SHA256 12e8c569bf1ded81f16f489542ecdf7717308c72c66ca0a05d34bb1204485406
SHA512 741e520845a1bfb7803a41da2484a9cb3a25ade4d1fa1e7993be4f33c17bc4e59a55bdbb5f6ba4330d463b56a2dfe3f1189f5462f828c3143eced690645e356e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 391c98788572acae0235e90618795d8c
SHA1 d60fe013da94f1db934f19d903f63ab3e7d10a50
SHA256 5fbd3e2d4fc2e85b8bbd3080c837e01b69d548ccc1dc48f255ac652a9a54c233
SHA512 dd3475349b37fab9b3cd4b9c71a558962629a493a31db67c19c2b093fc85d9bcd9efa2ef17fdcf19389642c11f7dc50e74212692fd99f89ceb65e45c63aff97a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d2698c0fd14e14814f8a57f8d9ef4ea9
SHA1 fc25c2d0213c7d393fff2943e8c47758a5f6a3e0
SHA256 8a20eed02cdea240e8b7d76eab681171a05dbfb18e171ef8a193a8bddcccdaf2
SHA512 253bb68f50fa350af847cc35ca78bde6ef702aa38a2cd1a157b32fc4e0bf462426593958b44973191a5aa485c396c6e34f13a04b0faec3690f7962f50493b73b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 62d7010d540e9cdad6bb8d5c32288b05
SHA1 74889d550569bd1bcd8808a7534f8782b63fd476
SHA256 ff60e396b7f025c47ce3d30ea44ebf1026e68062de09231ac4c1841b0533326d
SHA512 4f114da9336b2da6721a735903d1ee0b1d24d1549ff7b09bb6b0c1670824cb1e88cfc40804e8cc21136cfbb8b0c4ac972cd45215d76f1ebeb1597f252bc76432

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 6b4aa61332dfb097b81afcca20a5790c
SHA1 817793ece1f828f021b544b7b040dd3b81aae057
SHA256 7d0dc335dd1897dfcea97afedabae13c7bda9d12c9e1cd73a3b1b41eeff0c4d4
SHA512 9542d05d3a8e7b3d09c7f56e1df716ba7d843253e532c3ba28041b00de58ac3934475d07448be1074b2ab9889ada84c28d4c29397b71b529245946bd9ac68564

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0ce3f80bef2f09331a83fd742034aa3a
SHA1 61056b8cc00996605ed2fbd2fcb40fb7cb30f6e3
SHA256 de158a5953461703e7dd5e749c94bfbf493c8c6a8243f8223966dbc35e50bdc7
SHA512 90f42bbdb6a6643d866d1aad7eae6fe96c985e5c8a6c1ed2206eae9d1704abbe0ef315848be9456fdc6462aa3a1a04321ab0eee07c8db9ad0bd3b4156650cd3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 82be417f74f2dd45f5a737a41b604faa
SHA1 e366efa515b22ddd6d591432e5d00aa0691002e7
SHA256 61872e10ac79552ee466eb13ca45dcf2b47a8cffd73b3be6e868af1e3a2c3fd5
SHA512 89d9c2af31cfa1a5b0bac19a0e10fd46097cbe7650175d95a3e9fc8859356794156f99e49f57083e60961d915bf678609f08f8bf4ae7787e323d983c3511b9de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5c35de05a5dd71f580aaadbfe2ec35e0
SHA1 277744c88a6e5607fd8471830f6a8f95ae1c58e8
SHA256 d86a95e7e7f0b1e0767553ebf37f3ec3258c4d59f00bf76206e0c9c994f03407
SHA512 a5cd2935ba26371604c7f9d9a5edd70eb3803e4512fbbc58a5795b98e1bfb1d4154b0fe93451f768a0d5b0dcf376f1bf42a6a8db15329583ddb49c450c57eec0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fde21ea0e515dd192796c7cb97095033
SHA1 577cb49ebad2f98dd99d3abb1bd2bbc10aa49bcf
SHA256 374abb38e0fa78c3cef588a9f8cf80bcd52adab3ddfec20f51c8df7c1df71e98
SHA512 33a56c4d42d5169d41ec8090aaf3d0e8c4729bd628bad95cc5e1ca95f7ddd794d302d951a849857f1b676c8d24bc4ff78c22f98194c8dc3914e7c1c3cba8ba0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 04e09d86ae8f903c42bf2aca0ef6f22f
SHA1 91201b620de548ba1774e19fadf232f1b1e1bf77
SHA256 cb8b4e6414b08c35ea869014f86df0b63a7bdcce11b3171ba9ec74b5bb792d0d
SHA512 c4b05f3fbdfc7e90fa940256a34366dd843db75e17f8eb6510edb3f8441ec9785750906c85c6f9ce5ccbd7c1f7aa193e660897a30a3bac635929a763aa0b2bbb
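Two things in the Files list above deserve a check before any hash is pivoted on. First, the digests recorded for the crashpad named pipe are the digests of zero bytes, so that entry records an object the sandbox saw created, not content. Second, `BUG32.rar.crdownload` is Chrome's in-progress download name and `BUG32.rar:Zone.Identifier` is the NTFS alternate data stream carrying the Mark-of-the-Web that Windows attaches to downloaded files. The following Python script, added here as an illustration and not sandbox output, performs both checks. The three `FILE_LIST` entries are copied from the list above; the two Zone.Identifier streams are constructed in the format Windows writes, with placeholder URLs, because the report does not reproduce the stream's content. Whether the reported digest equals that of the bare marker is something the script computes, not something asserted here.

```python
"""Two checks on the Files list above: flag entries whose recorded digests are
the digests of zero bytes (the object existed but no content was captured), and
read the Mark-of-the-Web out of a Zone.Identifier alternate data stream.

Added example written for this report, not sandbox output. FILE_LIST copies
three entries (path, MD5, SHA256) from the list above; BARE_MOTW and
MOTW_WITH_URLS are constructed in the format Windows writes, with placeholder
URLs, because the report does not reproduce the stream's content.
"""
import hashlib

FILE_LIST = [
    ("\\??\\pipe\\crashpad_3132_ERVGDAIFOEGHXICM",
     "d41d8cd98f00b204e9800998ecf8427e",
     "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"),
    ("C:\\Users\\Admin\\Downloads\\BUG32.rar.crdownload",
     "bb3451472e92540643074f3046a58288",
     "0b1d32d337881347c6451823ac5469568e8ed4f46692f50b52d70391ebfb672e"),
    ("C:\\Users\\Admin\\Downloads\\BUG32.rar:Zone.Identifier",
     "fbccf14d504b7b2dbcb5a5bda75bd93b",
     "eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913"),
]

EMPTY_MD5 = hashlib.md5(b"").hexdigest()        # digest of zero bytes
EMPTY_SHA256 = hashlib.sha256(b"").hexdigest()  # digest of zero bytes

# Constructed: the bare marker (ZoneId 3 = Internet zone) with no origin URL.
BARE_MOTW = b"[ZoneTransfer]\r\nZoneId=3\r\n"
# Constructed: the richer form browsers write; example.invalid is a placeholder.
MOTW_WITH_URLS = (
    b"[ZoneTransfer]\r\nZoneId=3\r\n"
    b"ReferrerUrl=https://example.invalid/page\r\n"
    b"HostUrl=https://example.invalid/BUG32.rar\r\n"
)
ZONE_NAMES = {0: "LocalMachine", 1: "Intranet", 2: "Trusted",
              3: "Internet", 4: "Restricted"}


def empty_entries(file_list):
    """Paths whose MD5 and SHA256 are both the zero-byte digests."""
    return [p for p, md5, sha in file_list
            if md5 == EMPTY_MD5 and sha == EMPTY_SHA256]


def ads_entries(file_list):
    """Paths naming an NTFS alternate data stream: a ':' inside the last component."""
    return [p for p, _, _ in file_list if ":" in p.split("\\")[-1]]


def parse_zone_identifier(data):
    """Parse the INI-style stream; returns the [ZoneTransfer] keys, ZoneId as int."""
    fields, in_section = {}, False
    for line in data.decode("utf-8", "replace").splitlines():
        line = line.strip()
        if line.startswith("[") and line.endswith("]"):
            in_section = line == "[ZoneTransfer]"
        elif in_section and "=" in line:
            key, value = line.split("=", 1)
            fields[key.strip()] = value.strip()
    if "ZoneId" in fields:
        fields["ZoneId"] = int(fields["ZoneId"])
    return fields


def motw_summary(data):
    """One-line reading of a Zone.Identifier stream for a triage note."""
    f = parse_zone_identifier(data)
    zone = ZONE_NAMES.get(f.get("ZoneId"), "unknown")
    origin = f.get("HostUrl") or f.get("ReferrerUrl") or "(no origin URL recorded)"
    return f"zone={zone} origin={origin}"


def is_bare_marker(md5_hex):
    """True if a reported Zone.Identifier MD5 is exactly the bare marker's,
    i.e. the stream holds no referrer/host URL to pivot on."""
    return hashlib.md5(BARE_MOTW).hexdigest() == md5_hex.lower()


if __name__ == "__main__":
    print("empty content:", empty_entries(FILE_LIST))
    for path in ads_entries(FILE_LIST):
        md5 = next(m for p, m, _ in FILE_LIST if p == path)
        print(path, "bare ZoneId=3 marker:", is_bare_marker(md5))
    print(motw_summary(BARE_MOTW))
    print(motw_summary(MOTW_WITH_URLS))
```

The zero-byte check matters because the same MD5/SHA256 pair shows up in every report that records a named pipe or an empty file; treating it as an indicator would match everything. When the Zone.Identifier stream does carry `HostUrl` or `ReferrerUrl`, those fields give the download origin directly and are a better pivot than the archive hash, which the lure can change at will.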