Analysis Overview
SHA256: bce765dc1c317a4a09000a228a3ce7ba93d802fbb5c7934618f847f5c467aae0
Threat Level: Known bad
The file Setup.exe was found to be: Known bad.
Malicious Activity Summary
Lumma Stealer
Executes dropped EXE
Suspicious use of SetThreadContext
Drops file in System32 directory
Program crash
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Suspicious behavior: GetForegroundWindowSpam
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Checks SCSI registry key(s)
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-04-25 16:25
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-04-25 16:25
Reported: 2024-04-25 16:32
Platform: win7-20240215-en
Max time kernel: 220s
Max time network: 389s
Command Line
Signatures
Program crash
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\WerFault.exe | C:\Users\Admin\AppData\Local\Temp\Setup.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Setup.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2984 -s 256
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7109758,0x7fef7109768,0x7fef7109778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1148 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1496 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1600 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2288 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2296 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1308 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3308 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3452 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3568 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3500 --field-trial-handle=1164,i,10185269879078030013,14668939391816352013,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 172.217.16.228:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 216.58.204.78:443 | apis.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
Files
Analysis: behavioral2
Detonation Overview
Submitted: 2024-04-25 16:25
Reported: 2024-04-25 16:34
Platform: win10v2004-20240412-en
Max time kernel: 497s
Max time network: 490s
Command Line
Signatures
Lumma Stealer
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Desktop\lnstaller\Setup.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\System32\services.msc | C:\Windows\system32\mmc.exe | N/A |
Suspicious use of SetThreadContext
Program crash
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133585360043917148" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-2288054676-1871194608-3559553667-1000_Classes\Local Settings | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\taskmgr.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mmc.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Users\Admin\AppData\Local\Temp\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 920 -ip 920
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 920 -s 632
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe2bc6ab58,0x7ffe2bc6ab68,0x7ffe2bc6ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2220 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2268 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3140 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4324 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4480 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4620 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4500 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff6cf02ae48,0x7ff6cf02ae58,0x7ff6cf02ae68
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4868 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4556 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2580 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2332 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2332 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5104 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5280 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5308 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5520 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3220 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3124 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:2
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4808 --field-trial-handle=1956,i,10136291355230513367,8035912393708728302,131072 /prefetch:8
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Desktop\lnstaller\" -spe -an -ai#7zMap28399:76:7zEvent3630
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4460 -ip 4460
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4460 -s 636
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\system32\mmc.exe
"C:\Windows\system32\mmc.exe" "C:\Windows\System32\services.msc"
C:\Windows\system32\werfault.exe
werfault.exe /h /shared Global\5f6a2a3d7060419c87414e82f6e55603 /t 1192 /p 3968
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3480 -ip 3480
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3480 -s 640
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 468 -p 2408 -ip 2408
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 2408 -s 628
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 616 -p 1120 -ip 1120
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 1120 -s 628
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 404 -p 3012 -ip 3012
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3012 -s 640
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 592 -p 3988 -ip 3988
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 3988 -s 628
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 600 -p 952 -ip 952
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 952 -s 204
C:\Users\Admin\Desktop\lnstaller\Setup.exe
"C:\Users\Admin\Desktop\lnstaller\Setup.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -pss -s 604 -p 4672 -ip 4672
C:\Windows\SysWOW64\WerFault.exe
C:\Windows\SysWOW64\WerFault.exe -u -p 4672 -s 628
Network
| NL | 172.217.168.195:443 | beacons.gcp.gvt2.com | tcp |
| US | 92.118.151.48:80 | 92.118.151.48 | tcp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 172.217.16.227:443 | beacons3.gvt2.com | tcp |
| GB | 172.217.16.227:443 | beacons3.gvt2.com | udp |
| US | 8.8.8.8:53 | 10.248.199.67.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.168.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 227.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 48.151.118.92.in-addr.arpa | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| GB | 172.217.16.228:443 | www.google.com | udp |
| US | 8.8.8.8:53 | dnsleaktest.com | udp |
| US | 23.239.16.110:443 | dnsleaktest.com | tcp |
| US | 23.239.16.110:443 | dnsleaktest.com | tcp |
| US | 23.239.16.110:443 | dnsleaktest.com | tcp |
| US | 23.239.16.110:443 | dnsleaktest.com | tcp |
| US | 8.8.8.8:53 | www.dnsleaktest.com | udp |
| US | 8.8.8.8:53 | 110.16.239.23.in-addr.arpa | udp |
| US | 23.239.16.110:443 | www.dnsleaktest.com | tcp |
| US | 23.239.16.110:443 | www.dnsleaktest.com | tcp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| US | 173.194.213.94:443 | beacons2.gvt2.com | tcp |
| US | 173.194.213.94:443 | beacons2.gvt2.com | udp |
| NL | 172.217.168.195:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | 94.213.194.173.in-addr.arpa | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 172.67.150.207:443 | productivelookewr.shop | tcp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 104.21.44.3:443 | liabilitynighstjsko.shop | tcp |
| US | 8.8.8.8:53 | beacons3.gvt2.com | udp |
| GB | 172.217.16.227:443 | beacons3.gvt2.com | udp |
| US | 104.21.33.174:443 | demonstationfukewko.shop | tcp |
| US | 8.8.8.8:53 | 224.162.46.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | alcojoldwograpciw.shop | udp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 8.8.8.8:53 | productivelookewr.shop | udp |
| US | 104.21.11.250:443 | productivelookewr.shop | tcp |
| US | 104.21.11.250:443 | productivelookewr.shop | tcp |
| US | 8.8.8.8:53 | tolerateilusidjukl.shop | udp |
| US | 8.8.8.8:53 | 250.11.21.104.in-addr.arpa | udp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 8.8.8.8:53 | shatterbreathepsw.shop | udp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 8.8.8.8:53 | shortsvelventysjo.shop | udp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 8.8.8.8:53 | incredibleextedwj.shop | udp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 8.8.8.8:53 | liabilitynighstjsko.shop | udp |
| US | 172.67.192.138:443 | liabilitynighstjsko.shop | tcp |
| US | 172.67.192.138:443 | liabilitynighstjsko.shop | tcp |
| US | 8.8.8.8:53 | demonstationfukewko.shop | udp |
| US | 172.67.147.169:443 | demonstationfukewko.shop | tcp |
| US | 172.67.147.169:443 | demonstationfukewko.shop | tcp |
| US | 8.8.8.8:53 | 138.192.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 169.147.67.172.in-addr.arpa | udp |
| NL | 172.217.168.195:443 | beacons.gcp.gvt2.com | udp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 104.21.11.250:443 | productivelookewr.shop | tcp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 172.67.192.138:443 | liabilitynighstjsko.shop | tcp |
| US | 172.67.147.169:443 | demonstationfukewko.shop | tcp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 104.21.11.250:443 | productivelookewr.shop | tcp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 104.21.11.250:443 | productivelookewr.shop | tcp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 104.21.11.250:443 | productivelookewr.shop | tcp |
| US | 104.21.48.243:443 | alcojoldwograpciw.shop | tcp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 104.21.11.250:443 | productivelookewr.shop | tcp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 172.67.147.41:443 | tolerateilusidjukl.shop | tcp |
| US | 104.21.95.19:443 | shatterbreathepsw.shop | tcp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 172.67.216.69:443 | shortsvelventysjo.shop | tcp |
| US | 172.67.192.138:443 | liabilitynighstjsko.shop | tcp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 172.67.147.169:443 | demonstationfukewko.shop | tcp |
| US | 172.67.192.138:443 | liabilitynighstjsko.shop | tcp |
| US | 172.67.147.169:443 | demonstationfukewko.shop | tcp |
| US | 172.67.192.138:443 | liabilitynighstjsko.shop | tcp |
| US | 172.67.147.169:443 | demonstationfukewko.shop | tcp |
| US | 104.21.86.106:443 | incredibleextedwj.shop | tcp |
| US | 172.67.192.138:443 | liabilitynighstjsko.shop | tcp |
| US | 172.67.147.169:443 | demonstationfukewko.shop | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
Files