Analysis Overview
SHA256: 69cfabd220265bdc9dec149bf14ba3a55d595e7a5106363887f536be6ab0ddfe
Threat Level: Likely malicious
The file 486d07b44ecb8aedd18daa8fa0493822.png was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Registers COM server for autorun
Loads dropped DLL
Executes dropped EXE
Modifies file permissions
UPX packed file
Enumerates connected drives
Checks installed software on the system
Blocklisted process makes network request
Adds Run key to start application
Installs/modifies Browser Helper Object
Drops file in System32 directory
Drops file in Windows directory
Drops file in Program Files directory
Enumerates physical storage devices
Modifies Internet Explorer settings
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious behavior: GetForegroundWindowSpam
Uses Volume Shadow Copy service COM API
Suspicious behavior: EnumeratesProcesses
Uses Volume Shadow Copy WMI provider
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
Checks processor information in registry
Uses Task Scheduler COM API
Suspicious use of SendNotifyMessage
Enumerates system info in registry
Modifies system certificate store
Suspicious use of SetWindowsHookEx
Suspicious use of FindShellTrayWindow
Analysis: static1
Detonation Overview
Reported: 2024-05-01 08:03
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-05-01 08:03
Reported: 2024-05-01 08:49
Platform: win7-20240221-en
Max time kernel: 371s
Max time network: 811s
Signatures
Downloads MZ/PE file
Executes dropped EXE
Loads dropped DLL
Modifies file permissions
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\icacls.exe | N/A |
Registers COM server for autorun
UPX packed file
Adds Run key to start application
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\SunJavaUpdateSched = "\"C:\\Program Files (x86)\\Common Files\\Java\\Java Update\\jusched.exe\"" | C:\Windows\system32\msiexec.exe | N/A |
Blocklisted process makes network request
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\msiexec.exe | N/A |
Checks installed software on the system
Enumerates connected drives
| Description | Indicator | Process | Target |
| File opened (read-only) | \??\B: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\H: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\L: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\X: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\V: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Y: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Z: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\I: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\N: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\Q: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\T: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\G: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\K: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\M: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\R: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\P: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\S: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\U: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\W: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\A: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\E: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\J: | C:\Windows\system32\msiexec.exe | N/A |
| File opened (read-only) | \??\O: | C:\Windows\system32\msiexec.exe | N/A |
Installs/modifies Browser Helper Object
| Description | Indicator | Process | Target |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435B-BC74-9C25C1C588A9} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}\NoExplorer = "1" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}\NoExplorer = "1" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| File opened for modification | C:\Windows\system32\WindowsAccessBridge-64.dll | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Drops file in Program Files directory
| Description | Indicator | Process | Target |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\xerces.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\java-rmi.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\ext\nashorn.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\verify.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\ext\sunmscapi.jar | C:\Windows\system32\msiexec.exe | N/A |
| File opened for modification | C:\Program Files (x86)\Common Files\Oracle\Java\javapath | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-memory-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\public_suffix.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\msvcp140_1.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\fontmanager.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\prism_d3d.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\relaxngom.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\images\cursors\win32_LinkDrop32x32.gif | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\icu_web.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-heap-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\classlist | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-private-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-processthreads-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\policytool.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\images\cursors\win32_MoveDrop32x32.gif | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\security\java.policy | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\bci.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\jjs.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\javafx_iio.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-string-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\management-agent.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\plugin2\vcruntime140.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\npt.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\rt.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\security\blacklist | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\calendars.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\fonts\LucidaTypewriterBold.ttf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\tnameserv.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\java_crw_demo.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\messages_zh_HK.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\jpeg_fx.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\psfontj2d.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\server\classes.jsa | C:\Program Files\Java\jre-1.8\bin\javaw.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-processthreads-l1-1-1.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\santuario.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\keytool.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\charsets.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\jdk\zlib.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\JAWTAccessBridge-64.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\accessibility.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\ext\dnsns.jar | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\messages_fr.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\deploy\messages.properties | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-utility-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\j2gss.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\tzdb.dat | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\cmm\GRAY.pf | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\security\trusted.libraries | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\jp2iexp.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\jaas_nt.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\dtplugin\deployJava1.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\README.txt | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\jabswitch.exe | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\lib\security\cacerts | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\legal\javafx\mesa3d.md | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-crt-stdio-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files\Java\jre-1.8\bin\api-ms-win-core-util-l1-1-0.dll | C:\Windows\system32\msiexec.exe | N/A |
| File created | C:\Program Files (x86)\Common Files\Oracle\Java\javapath_target_259740042\javaws.exe | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Drops file in Windows directory
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 | C:\Windows\system32\msiexec.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Windows\system32\msiexec.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\Policy = "3" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4B5F-9EE6-34795C46E7E7} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\Policy = "3" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Users\Admin\AppData\Local\Temp\jds259711540.tmp\jre-windows.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppPath = "C:\\Program Files\\Java\\jre-1.8\\bin" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\Compatibility Flags = "1024" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C8FE2181-CAE7-49EE-9B04-DB7EB4DA544A}\AppName = "ssvagent.exe" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppName = "jp2launcher.exe" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\ActiveX Compatibility\{CAFEEFAC-DEC7-0000-0000-ABCDEFFEDCBA}\AlternateCLSID = "{CAFEEFAC-DEC7-0000-0001-ABCDEFFEDCBA}" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Software\Microsoft\Internet Explorer\Main | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppName = "javaws.exe" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\AppPath = "C:\\Program Files\\Java\\jre-1.8\\bin" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (int) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5852F5ED-8BF4-11D4-A245-0080C6F74284}\Policy = "0" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{44D1B085-E495-4b5f-9EE6-34795C46E7E7}\AppPath = "C:\\Program Files\\Java\\jre-1.8\\bin" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0009-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0136-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0155-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0357-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0007-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_07" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0064-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0266-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-FFFF-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0235-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0197-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}\ = "Java Plug-in 1.3.1_07" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0075-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0114-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0047-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0080-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0248-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0334-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0206-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0112-ABCDEFFEDCBC}\ = "Java Plug-in 1.6.0_112" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0115-ABCDEFFEDCBC}\ = "Java Plug-in 1.7.0_115" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0167-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_167" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0248-ABCDEFFEDCBA}\ = "Java Plug-in 1.7.0_248" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0223-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0272-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0069-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0202-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0216-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0046-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_46" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0002-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_02" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0097-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0067-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0037-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0037-ABCDEFFEDCBB}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0054-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0337-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0370-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0254-ABCDEFFEDCBC}\ = "Java Plug-in 1.7.0_254" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0187-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0023-ABCDEFFEDCBC}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0085-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0124-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0027-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0190-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0001-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0147-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0079-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0064-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0152-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_152" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0353-ABCDEFFEDCBB}\ = "Java Plug-in 1.7.0_353" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0183-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0177-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0074-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0058-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0330-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0121-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0012-ABCDEFFEDCBC}\ = "Java Plug-in 1.8.0_12" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0093-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0040-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0130-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0099-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0128-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBA}\ = "Java Plug-in 1.6.0_36" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0008-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_08" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0056-ABCDEFFEDCBB}\ = "Java Plug-in 1.8.0_56" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0070-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0102-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0090-ABCDEFFEDCBC}\ = "Java Plug-in 1.6.0_90" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0199-ABCDEFFEDCBC}\ = "Java Plug-in 1.7.0_199" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0188-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0279-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0130-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0098-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0311-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0132-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0033-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0014-0002-0088-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}\ = "Java Plug-in 1.6.0_19" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key deleted | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0036-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0340-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0070-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0119-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0011-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0176-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0365-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0119-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0045-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}\ = "Java Plug-in 1.5.0_07" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0042-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}\INPROCSERVER32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0132-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0225-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0015-0000-0086-ABCDEFFEDCBC}\ = "Java Plug-in 1.5.0_86" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0036-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0131-ABCDEFFEDCBA}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0014-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0016-0000-0212-ABCDEFFEDCBC}\ = "Java Plug-in 1.6.0_212" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0057-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0101-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0159-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0202-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0018-0000-0395-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0013-0001-0071-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0056-ABCDEFFEDCBC}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0374-ABCDEFFEDCBA}\ = "Java Plug-in 1.8.0_374" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0046-ABCDEFFEDCBB}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0257-ABCDEFFEDCBC} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0022-ABCDEFFEDCBA}\InprocServer32 | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0276-ABCDEFFEDCBC}\InprocServer32\ThreadingModel = "Apartment" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key deleted | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA} | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0017-0000-0294-ABCDEFFEDCBA}\InprocServer32\ = "C:\\Program Files\\Java\\jre-1.8\\bin\\jp2iexp.dll" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0119-ABCDEFFEDCBC}\ = "Java Plug-in 1.8.0_119" | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000_CLASSES\CLSID\{CAFEEFAC-0018-0000-0330-ABCDEFFEDCBB} | C:\Program Files\Java\jre-1.8\bin\ssvagent.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0044-ABCDEFFEDCBB}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{CAFEEFAC-0017-0000-0088-ABCDEFFEDCBC}\InprocServer32 | C:\Program Files\Java\jre-1.8\installer.exe | N/A |
Modifies system certificate store
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436 | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| Set value (data) | \REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\A8985D3A65E5E5C4B2D7D66D40C6DD2FB19C5436\Blob | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259711540.tmp\jre-windows.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Local\Temp\jds259711540.tmp\jre-windows.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe | N/A |
| N/A | N/A | C:\Program Files\Java\jre-1.8\bin\javaw.exe | N/A |
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\486d07b44ecb8aedd18daa8fa0493822.png
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef69b9758,0x7fef69b9768,0x7fef69b9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1176 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1524 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1572 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=1568 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2304 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1308 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2200 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3456 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3576 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3620 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3532 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1136 --field-trial-handle=1304,i,5743278640739921613,1358230426854012488,131072 /prefetch:1
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef69b9758,0x7fef69b9768,0x7fef69b9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1172 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1448 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1588 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2268 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2276 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1568 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3204 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3208 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3556 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3556 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2532 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2496 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3660 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3928 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=2588 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3644 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2248 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=1516 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4040 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=2528 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2800 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2428 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2780 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3988 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=888 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2080 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=3244 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=1628 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2712 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4280 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4300 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2292 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4432 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4392 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe
"C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe"
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe" __IRAOFF:1773458 "__IRAFN:C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe" "__IRCT:3" "__IRTSS:24068259" "__IRSID:S-1-5-21-1298544033-3225604241-2703760938-1000"
C:\Users\Admin\AppData\Local\Temp\BrowserInstaller.exe
"C:\Users\Admin\AppData\Local\Temp\BrowserInstaller.exe" /NOINIT /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
"C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe" /NOINIT /S:C:\Users\Admin\AppData\Local\Temp\setuparguments.ini __IRAOFF:1679762 "__IRAFN:C:\Users\Admin\AppData\Local\Temp\BrowserInstaller.exe" "__IRCT:3" "__IRTSS:1708464" "__IRSID:S-1-5-21-1298544033-3225604241-2703760938-1000"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=744 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=2596 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Users\Admin\AppData\Local\Temp\jre-windows.exe
"C:\Users\Admin\AppData\Local\Temp\jre-windows.exe" STATIC=1
C:\Users\Admin\AppData\Local\Temp\jds259711540.tmp\jre-windows.exe
"C:\Users\Admin\AppData\Local\Temp\jds259711540.tmp\jre-windows.exe" "STATIC=1"
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\MsiExec.exe -Embedding A552E971244EC0471856DC0081A1F5C0
C:\Program Files\Java\jre-1.8\installer.exe
"C:\Program Files\Java\jre-1.8\installer.exe" /s INSTALLDIR="C:\Program Files\Java\jre-1.8\\" STATIC=1 INSTALL_SILENT=1 REPAIRMODE=0 ProductCode={71024AE4-039E-4CA4-87B4-2F64180401F0}
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -Xshare:dump -Djdk.disableLastUsageTracking
C:\Program Files\Java\jre-1.8\bin\ssvagent.exe
"C:\Program Files\Java\jre-1.8\bin\ssvagent.exe" -doHKCUSSVSetup
C:\Program Files\Java\jre-1.8\bin\javaws.exe
"C:\Program Files\Java\jre-1.8\bin\javaws.exe" -wait -fix -permissions -silent
C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe
"C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre-1.8" -vma LWNsYXNzcGF0aABDOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxsaWJcZGVwbG95LmphcgAtRGphdmEuc2VjdXJpdHkucG9saWN5PWZpbGU6QzpcUHJvZ3JhbSBGaWxlc1xKYXZhXGpyZS0xLjhcbGliXHNlY3VyaXR5XGphdmF3cy5wb2xpY3kALUR0cnVzdFByb3h5PXRydWUALVh2ZXJpZnk6cmVtb3RlAC1Eam5scHguaG9tZT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxiaW4ALURqYXZhLnNlY3VyaXR5Lm1hbmFnZXIALURzdW4uYXd0Lndhcm11cD10cnVlAC1YYm9vdGNsYXNzcGF0aC9hOkM6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxqYXZhd3MuamFyO0M6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxkZXBsb3kuamFyO0M6XFByb2dyYW0gRmlsZXNcSmF2YVxqcmUtMS44XGxpYlxwbHVnaW4uamFyAC1EamF2YS5hd3QuaGVhZGxlc3M9dHJ1ZQAtRGpubHB4Lmp2bT1DOlxQcm9ncmFtIEZpbGVzXEphdmFcanJlLTEuOFxiaW5camF2YXcuZXhl -ma LXdhaXQALWZpeAAtcGVybWlzc2lvbnMALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Program Files\Java\jre-1.8\bin\javaws.exe
"C:\Program Files\Java\jre-1.8\bin\javaws.exe" -wait -fix -shortcut -silent
C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe
"C:\Program Files\Java\jre-1.8\bin\jp2launcher.exe" -secure -javaws -jre "C:\Program Files\Java\jre-1.8" -vma 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 -ma LXdhaXQALWZpeAAtc2hvcnRjdXQALXNpbGVudAAtbm90V2ViSmF2YQ==
C:\Windows\system32\MsiExec.exe
C:\Windows\system32\MsiExec.exe -Embedding 158E7481DD3286B7EA8985C4DFBF49DC M Global\MSI0000
C:\Program Files\Java\jre-1.8\bin\javaw.exe
-Djdk.disableLastUsageTracking -cp "C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserWebJavaStatus
C:\Program Files\Java\jre-1.8\bin\javaw.exe
-Djdk.disableLastUsageTracking -cp "C:\Program Files\Java\jre-1.8\bin\..\lib\deploy.jar" com.sun.deploy.panel.ControlPanel -getUserPreviousDecisionsExist 30
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding D0DFCEE9700DC557D77127A48C220EA7
C:\Windows\syswow64\MsiExec.exe
C:\Windows\syswow64\MsiExec.exe -Embedding 242963570F43C2AA6E24463CC117F805 M Global\MSI0000
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
"C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Program Files\Java\jre-1.8\bin\javaw.exe
"C:\Program Files\Java\jre-1.8\bin\javaw.exe" -jar "C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe"
C:\Windows\system32\icacls.exe
C:\Windows\system32\icacls.exe C:\ProgramData\Oracle\Java\.oracle_jre_usage /grant "everyone":(OI)(CI)M
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\bin\java.exe -Xmx1024m -Dfile.encoding=UTF8 -Djava.net.preferIPv4Stack=true --add-opens=java.base/java.lang=ALL-UNNAMED --add-opens=java.base/java.time=ALL-UNNAMED --add-opens=java.desktop/java.awt=ALL-UNNAMED --add-opens=java.desktop/sun.awt.image=ALL-UNNAMED --add-opens=java.desktop/sun.java2d=ALL-UNNAMED --add-opens=java.desktop/java.awt.color=ALL-UNNAMED --add-opens=java.desktop/java.awt.image=ALL-UNNAMED --add-opens=java.desktop/com.apple.eawt=ALL-UNNAMED --add-opens=java.base/java.util.regex=ALL-UNNAMED --add-opens=java.desktop/javax.swing=ALL-UNNAMED --add-opens=java.desktop/java.beans=ALL-UNNAMED --add-opens=javafx.web/com.sun.webkit.network=ALL-UNNAMED -cp C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\aopalliance-1.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\checker-qual-3.12.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-codec-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-compress-1.23.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-io-2.11.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-lang3-3.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-1.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-logging-api-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\commons-vfs2-2.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\desktop-common-util-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\DiscordIPC-0.5.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\dnsjava-2.1.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\error_prone_annotations-2.18.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\failureaccess-1.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\fluent-hc-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\gson-2.8.8.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guava-31.0.1-jre.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\guice-assistedinject-7.0.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\hamcrest-core-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\http-download-1.11.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpclient-4.5.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\httpcore-4.4.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\j2objc-annotations-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jakarta.inject-api-2.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-base-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-controls-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-graphics-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-media-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-swing-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1-win.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javafx-web-17.0.0.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\javax.annotation-api-1.3.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-api-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-core-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jaxb-impl-2.3.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jcl-over-slf4j-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jopt-simple-5.0.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\json-20230227.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\jsr305-3.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junit-4.13.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junixsocket-native-common-2.6.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\junrar-0.7.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\log4j-1.2.17.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-classic-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\logback-core-1.2.10.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\lombok-1.18.30.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-api-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svn-commons-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\maven-scm-provider-svnexe-1.4.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\MinecraftServerPing-1.0.2.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\mockserver-netty-no-dependencies-5.14.0.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\modpack-dto-2.2914.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\picture-bundle-3.72.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\plexus-utils-1.5.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\regexp-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\skin-server-API-1.3.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\slf4j-api-1.7.25.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\statistics-dto-1.73.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\tlauncher-resource-1.6.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\url-cache-1.1.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\dependencies\xz-1.9.jar;C:\Users\Admin\AppData\Roaming\.tlauncher\starter\original-TLauncher-2.921.jar; org.tlauncher.tlauncher.rmo.TLauncher -starterConfig=C:\Users\Admin\AppData\Roaming\.tlauncher\starter\starter.json -requireUpdate=false -currentAppVersion=2.921
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic CPU get NAME
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic CPU get NAME
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & set processor
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\system32\dxdiag.exe
dxdiag /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\SysWOW64\dxdiag.exe
"C:\Windows\SysWOW64\dxdiag.exe" /whql:off /t C:\Users\Admin\AppData\Roaming\.minecraft\logs\tlauncher\dxdiag.txt
C:\Windows\system32\cmd.exe
cmd.exe /C chcp 437 & wmic qfe get HotFixID
C:\Windows\system32\chcp.com
chcp 437
C:\Windows\System32\Wbem\WMIC.exe
wmic qfe get HotFixID
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x564
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=2596 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=1476 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=4104 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=4112 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=2776 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4608 --field-trial-handle=1304,i,14683332293388786622,18332785931424448114,131072 /prefetch:8
C:\Program Files\7-Zip\7zFM.exe
"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\@#!!Newest_FILE_2024_PASSC0DE_$!.rar"
C:\Users\Admin\AppData\Local\Temp\7zO81B12B10\Setup.exe
"C:\Users\Admin\AppData\Local\Temp\7zO81B12B10\Setup.exe"
C:\Windows\explorer.exe
"C:\Windows\explorer.exe"
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap30653:126:7zEvent810
C:\Users\Admin\Downloads\Setup.exe
"C:\Users\Admin\Downloads\Setup.exe"
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef69b9758,0x7fef69b9768,0x7fef69b9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1180 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1636 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2220 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2320 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=3128 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2116 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3376 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3492 --field-trial-handle=1196,i,12601203401890863450,11446428098779382428,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level
C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x140007688,0x140007698,0x1400076a8
Network
Files
| SHA256 | 9e8458022f79d2d9dd7da5a0dd082f825490d0472c448fa8c41f51fb55ea8891 |
| SHA512 | 6c1437c4a242467fa71d03e02af774af169de14e569cd963f4e598938d6d905ef88ae1c09b4778f7bea9adeea5b3680808779de22e7b3cc8762e375faadc652f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13359024319844800
| MD5 | 3929d7921e146ef698668b2277d61c0b |
| SHA1 | cd11ea9645f916d111c00b6bc49488c023404f86 |
| SHA256 | 4fa745b109a22b20ea2f790cf8623670ff452544e7692a845366d10e20ec2849 |
| SHA512 | 2616ed2692d354818f3f27646290fa72df1c80542bbb75f9dc90565bc9cce7d9bb8d61422421b5aa46633e23b8855f09f25027c2068e8483fa46fd305846e232 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000007
| MD5 | 03d881fc5a4ab4013bd1b30988abb179 |
| SHA1 | 9ad861569715575d7b676e5683b14dd3cffec304 |
| SHA256 | 5da7b30f55f920166ad821f532fb95bd11546bf63a228fc41357aa122fcaf5e8 |
| SHA512 | 29ab8ac2c642a83086266f88ffde8d71c96cd0d98812fac526e0a0adc58d8bc7f99760ad19a71cc38c3ef5edb9ab9d642ef6b665bf4ce336260b0171411e26f6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c2ab61d6f263fc06dc9ee422384f723a |
| SHA1 | 5a8660017cdffbb3d772e1d20b591c2c0886a4c4 |
| SHA256 | 475f86b4b46c80d48c96660704319be44ed09b7df17f2efde5de8ac6a70e8b12 |
| SHA512 | 851dcecb2dbc86f6959f2d10b5cebff6a2a6699d05fb64dcbe8d68852737678f005f8eb2302a127dc096082922edf3d448f42673237a3debff242982e11200cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links
| MD5 | 93573b3de6d2125a0a0c45af59b2a8ea |
| SHA1 | e69f6cdebc8c8e0bfe7e20a3cd71b8bd7ed7bf9a |
| SHA256 | 641b5997369f4d2f04c5d0c7fb3455e09492fd5ff5436df45125f148c0494e11 |
| SHA512 | 2ccbcecc0a9335c5db0dc982286228bf1cf34b75a6439f35fb2aba50857c694a00fa51e22f92b260c1186cb6b4308c26ca40882509282fadd732efc802ad16b9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
| MD5 | b259df2a5d765ddd2e4401f07f7cf9a1 |
| SHA1 | e07adb0723f1f873e3e51e70dbfc0328d19f6e78 |
| SHA256 | 76fb916673efa66386e1bebaadccc188e03031754b8d0f1e6c19f880be213028 |
| SHA512 | cf467e02383d9fefb595efd3e531ac4ae185a2df7d80db49ba592099592d3c5020220f7efa0a31b60fafebf89bac2775ce92174797846c8569fe16acb9a31d39 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000008.ldb
| MD5 | aa87631609c601badedd6861cd118a82 |
| SHA1 | 085e9ee84089d325e12aecb41b6b0b58277a7b9d |
| SHA256 | 32748a6231e42b8eba9b33fcd1ad1fd01210ed64f5c9d34d35334c66eeb056d6 |
| SHA512 | 59302975182586584e22ea3c188e70c252c0736acff9b1f025fd1c366086fb8ad79dadb8959e6a9fc3ed9f60f18b0b659ec54fc7d0abbe85a4e113a8f7cad725 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000009.log
| MD5 | 12275f46db968e27e4edb23a4517904d |
| SHA1 | 1bd41f5f55dc8532c45c5ed91bd0823deabe3d3a |
| SHA256 | 0b9769e63620205002586d7dbefa19d6c3573ffa65bc86eb49113ec271feea4a |
| SHA512 | 084364c331be5c6b8c537a6c56b732ccdbb45f0d74a1e0ed89ac195e9ae43e15f15c953e3ed188990f0abb7e0e6456fa4b6b34562a02c180f7c061a7728c8b66 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\MANIFEST-000007
| MD5 | 8b7cb42c968c0b0716cfeb1ae8ca61ee |
| SHA1 | 72c0bf4d80605a0f3d75cf9479059e321419f4c2 |
| SHA256 | fb28ad05c73151f24f8734a1128744b5a38ebe3305b4f21d69b76e0d34a688a2 |
| SHA512 | 63ae193152f4ff2dcba40bf5c3966621e02ba456be4a9d5eebddc5efe6667c9d7ff7e200d7f1c68081d40d4f2be1b4f2caa9777bc483a1595479139227d846c6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | f6dc2a9048a40c15f392b66797f5839e |
| SHA1 | b1b51258663d767df37fe8ac26f98ccf780293fa |
| SHA256 | 51fd0c3ffa735d19e3e73b46e9d2208352d1b282619a510822f75714e574cc0f |
| SHA512 | 32b722a80410aff6f6821ba34479372a3796fba6fd243ab25087063a7031a68dfbf1d9e1e97e8a457ea6cc1b97b9c59866248968b64176155410aed7162e16dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\000009.dbtmp
| MD5 | 979c29c2917bed63ccf520ece1d18cda |
| SHA1 | 65cd81cdce0be04c74222b54d0881d3fdfe4736c |
| SHA256 | b3524365a633ee6d1fa9953638d2867946c515218c497a5ec2dbef7dc44a7c53 |
| SHA512 | e38f694fd6ab9f678ae156528230d7a8bfb7b59a13b227f59f9c38ab5617db11ebb6be1276323a905d09c4066a3fe820cf58077ab48bf201f3c467a98516ee7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\MANIFEST-000007
| MD5 | 1be22f40a06c4e7348f4e7eaf40634a9 |
| SHA1 | 8205ec74cd32ef63b1cc274181a74b95eedf86df |
| SHA256 | 45a28788cde0d2a0232d19c391eae45777fe640790ac0674d6daa5672c444691 |
| SHA512 | b8f6f42d375e3ad8015d744fa2814994fa6e588b41cce0131fca48194dd40146b08169a8ce0da350525ff32a59a16edb503c72e0f07254955c82a0d38074856e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
| MD5 | b8472f0675d28a9a33204f13fbd34364 |
| SHA1 | ecbbf19289487c090c2130b2702f1750dffc0409 |
| SHA256 | 48518deff8b52755d1795534e56cbad1e608727be6babb93bba01c4f6243d209 |
| SHA512 | af6646f6e2c6cea343e06e249edcd34ad8f8ff35750a7dd2aedae7e88276b6794cdd0454eaec3a4945856f190b520a5c1a9a7e504dd5cb561a5962177393a19f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000008.ldb
| MD5 | cfc022d784912b4d9e633845571f5fb6 |
| SHA1 | a278b36ecf534cbe3d47b40a9f2856603eccec6e |
| SHA256 | d7be9c50acbf692311c9673258aa8e7c7dab301c7cd535741af825a075b3c9e4 |
| SHA512 | 7e348b4dc83af7555f5db9fe72109ff3aace74da4e551ed3092172f376e93edf1e3638a8ef6210c599540d298d49f2fa53479f24cd967fef13179d33b032dedf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000008.ldb
| MD5 | fe7ac6296a783949264d5abc8d69b443 |
| SHA1 | 32bca04fb95f953deb38e3bc05c0314362420b76 |
| SHA256 | ee1ac8b2768e40583cad98e8edc274ec882384c4776b3fa07b75a6070d0b6ce2 |
| SHA512 | e4f55e14469880ba92bbb61d3708d3489f56f195d0a21938c9ab14588a29172258849c84b72d3405665889f88a55dadeba6c5a02b211c44c9ded24feb76ddbfc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000009.log
| MD5 | 153aaa5869cdca15f9b99e8f43a25d64 |
| SHA1 | ac867691388a103a43f90dc661af3d6ea3338ef2 |
| SHA256 | 7771bb39cdfc7f24597e69bbf4362b6bf33fff16176eecb722c5d0bc7d03ef8b |
| SHA512 | c7dd1c898573f6843788ba4bd690808fb1b652192f45c5a24fcf0d6d77b6212b647d9022ecfbab33135f53a9305ef01d7b8eac0ec60bca2ebfecc5d8535506b7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\MANIFEST-000007
| MD5 | 479ca49c2af1f784e2bbfdd2a45452b6 |
| SHA1 | 42909cb211f3d4abcc6bcdb5f200430245cdccc5 |
| SHA256 | 387c9f8a0d1452afddbd16bcef099f318e8b4907c0d7dab7f8dccc8930e863e0 |
| SHA512 | 2080d6a479b0c6edcc380d0868a252fb3b7dee15e980e44f6ad58cc10062ddb3fa1c424177be163317f8295784312873f74b36e5374dc385fe7c797533b3d542 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
| MD5 | 6062cbbb367fc6442d9ad7510d79a3fd |
| SHA1 | 1622aee92f46f5acd3f32db3035751d85de48d2f |
| SHA256 | 014069e0d4e7e42e10cf1e7f365715aaabb4d001f7423ea49cfc71fe71a45867 |
| SHA512 | 0a2ce9ed9db36bf0298eab96d0288921b14a01bd5cd4e7178d96dbfdcbde100efecce29477f65fe677c2879beb43ef4fa370cb83711aeb26e9098e51d8eb246a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000010.dbtmp
| MD5 | 60e3f691077715586b918375dd23c6b0 |
| SHA1 | 476d3eab15649c40c6aebfb6ac2366db50283d1b |
| SHA256 | e91d13722e31f9b06c5df3582cad1ea5b73547ce3dc08b12ed461f095aad48ee |
| SHA512 | d1c146d27bbf19362d6571e2865bb472ce4fe43dc535305615d92d6a2366f98533747a8a70a578d1f00199f716a61ce39fac5cab9dd67e9c044bc49e7343130e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
| MD5 | 538f7ac34df800e0cd3b42db5ed4ceb0 |
| SHA1 | 5b18b941282302a7b727be5469d8e39f190a96ba |
| SHA256 | c65d2d8c725b1d5731debc69bf0325ebf7f4e2bbbee2679d421dc5fd5df129a9 |
| SHA512 | 5bdcf82e34f8a6e24c85bc4bb15e8de07ad7441c31f776218299fe7a32ecf791792bb129c1932a956aa7dc09df7106d580a856a79b397782ea1e9417d33748b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 03e38e5390866f272e21321bd669ac80 |
| SHA1 | f71f9a37b6da60c7789fcc091d842133f93ca931 |
| SHA256 | 69fdb6438c95e5e44b75a76a81cfcb8f94e429dde8a1b65e97f01a599486f93b |
| SHA512 | f3005287f37c9b68b207a93968e86ff1fcc1057c869015097f8ee579d611f2f292333415b12c6e8f30a8358d84d02c62bb6144d04d92fda2c7734285d8b21511 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bad17c9744ccb621661f6e720624b18b |
| SHA1 | f0945ba3d3faf57816fea9d726c3fb0ee7e78803 |
| SHA256 | 2530a033b2d199dff2442e246c4c24134e15004f1a5bbf8ecb4772b5eeb29bae |
| SHA512 | 0663307181f1f1bf41cf46279718225e6193a680ae067638c0c0a42d4403be147f5dd4c182f7849d611c7bf0dd0519128296b64c45c2ed67b01a015fc6860160 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Data
| MD5 | 22fad2d1e63c5fd6d0f89f13f763f113 |
| SHA1 | 0c5df6053c965c16b47debdf16e824842907f08c |
| SHA256 | 774caf21fc7cfa5729316385724a75b067110f77fcb3b2a98efc5ede203211df |
| SHA512 | 3009a94efab502899f0a0c67cae9dbfcbed41bc04b7f83c70259800e15b4e2a79205b695d017e239dfb5f617774cb8414583595258105f8c86f0828df24cf6de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 70633dc7bf11a0878fec9ad8b5924d27 |
| SHA1 | d8698d85d2db42da410a440a4ceedad88c9c40c5 |
| SHA256 | 318e191786737f178ed7e2419190b1eb13d7f82b660a81db9b9c30551071212d |
| SHA512 | 0128e951a63863e0dfac27e178aba328f3314cf21118697cc05f410314a3188464cbbcf638e7bd9f2b59efc4173c9fcd7ce96fa1e13b58bb55f11084132b943b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000008.log
| MD5 | 926ca2a126ab3d47720a29f3f70a391d |
| SHA1 | 9833065a68d83c02daecc4c96d5b654bf83441c9 |
| SHA256 | 7ffea28f23d852f2e357cd7386c98e473321cefc3d53785931f0b3cc3b1d52cc |
| SHA512 | 96bea839f1d5717627dc7e67010d494f73082a9db9296662e96007a88ab5fa5cd7b1832d75a25f43b357f775abd2045102f4d40a09afa1013176967cff1e9f68 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\MANIFEST-000007
| MD5 | 22b937965712bdbc90f3c4e5cd2a8950 |
| SHA1 | 25a5df32156e12134996410c5f7d9e59b1d6c155 |
| SHA256 | cad3bbec41899ea5205612fc1494fa7ba88847fb75437a2def22211a4003e2eb |
| SHA512 | 931427ad4609ab4ca12b2ee852d4965680f58602b00c182a2d340acf3163d888be6cfad87ca089f2b47929ddfa66be03ab13a6d24922397334d6997d4c8ede3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
| MD5 | 14534796315bd10d3d726d52380ac4fa |
| SHA1 | 8a3d296383291540433411c53a55add4eb331a38 |
| SHA256 | d7b7251daa00d9540df64a3b2261e06250d35078f86415e6189cd22c07db204b |
| SHA512 | c3f81f7f919fde4e50688896c922771f221273c38062cfffbeaaa18372f5343f5404e3d9a2fb2e7b30175cb837806f1cb306be47c4fc0de6c873f77332dc2ee8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | 9027b8c7ea807002b69fcbb8030558ba |
| SHA1 | 984b66c37a1f916f0d9a846bccad60e019b799ce |
| SHA256 | b22dc73f651e44c66d853c71d332853ddd56256084a02a13df8804ecf2e6f97f |
| SHA512 | c7a276260f5019f079128e3a606a6295ff3522789e318656f8700927b8412c328bde2acc7537f7fc537d4037362a07b6f3c6ee7198d1538445b03720ae1d4b63 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000007.log
| MD5 | c06466d1344e73e191fd5fdc551a55d1 |
| SHA1 | a7bded0a188cc58bd02c3825c100289f66c97e76 |
| SHA256 | a6b649d8872a8bc3f7e8bb74cb5540640640ac744c32cb4c20e85801fca81f7d |
| SHA512 | ac99d78e491846282d1f1223f66ce81972ffbc65c7209de6cac5235169ec0857ecc7626c841c9e168911a835a9a13c01f808386965f70c304e6ac7d41cb114d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
| MD5 | e355668fb229114d140539a4316ce73f |
| SHA1 | 4e0008219e2cc9a8cccbb6f1926d8e35aa85c21e |
| SHA256 | 391ba7de860c22e0a8f0d07aba303951503a4a99f08391ca0cdda5f529549a4d |
| SHA512 | a7b17f6316dbf0cb2d679cd43d1100c501fa4a140115b23836e2ae283df8ff504d235a1b2d1c19758c4cec510168b0031c672a97a882c27668997f7d84a8e83c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\MANIFEST-000007
| MD5 | b6d5d86412551e2d21c97af6f00d20c3 |
| SHA1 | 543302ae0c758954e222399987bb5e364be89029 |
| SHA256 | e0b2fdc217d9c571a35f41c21ed2596309f3f00a7297a8d1ded05f54f0e68191 |
| SHA512 | 5b56ae73a61add9e26f77d95c9b823f82a7fcdc75eed64b388fb4967f5c6c42cb0796b0b99dc25c89f38952786176c10d173dec7862a8a5ce5f820280f72d665 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\MANIFEST-000006
| MD5 | 78c55e45e9d1dc2e44283cf45c66728a |
| SHA1 | 88e234d9f7a513c4806845ce5c07e0016cf13352 |
| SHA256 | 7b69a2bee12703825dc20e7d07292125180b86685d2d1b9fd097df76fc6791ec |
| SHA512 | f2ad4594024871286b98a94223b8e7155c7934ef4ebb55f25a4a485a059f75b572d21bc96e9b48ed394be8a41fe0208f7bfb6e28a79d75640c5b684f0c848fe3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\CURRENT
| MD5 | aefd77f47fb84fae5ea194496b44c67a |
| SHA1 | dcfbb6a5b8d05662c4858664f81693bb7f803b82 |
| SHA256 | 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611 |
| SHA512 | b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000009.log
| MD5 | 859d490e38e7ddceb44bcc0668a4543d |
| SHA1 | f916d95b7b020b7055b76bf5d66fb00d82b30e3c |
| SHA256 | d0e76b7d291eaf628bd7411f50ad82f43fd0c147246231fc2d473cea752f995e |
| SHA512 | a2a288558d07cb42b8be79d9c56a45209896e6cf3d11e31830d4903d22d86d240568fef0432c8bf4500f46d8899f632a91fcfe1d9085ec1682ed4e3b291c90c0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
| MD5 | a9a16ac9328ff89ba9f030324a505bc1 |
| SHA1 | fc8b14eb5e230a5b99e0bb1ea29cde1da5ad5510 |
| SHA256 | f3c805a326350a40f98d7d683369c74b947466f01adb24982efb40f54d31c00c |
| SHA512 | deaf0a76189dfb93888bfdb9355f2585470c379efe645a8ac0a77634e99fceb75bef2cf187a54c630256bcbda454f4b97111025eeb708b2fcbb74906a39ef785 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | de26b900b129480f3f2673afeb5b7910 |
| SHA1 | fa8000284b38587e1632e5077b02946d0b300189 |
| SHA256 | 7732d7353bae9570d333324983bc9ceafff76ed26d43425d3be8cd3e1bb36672 |
| SHA512 | f031da5fa2ba8aeccdf54c13b497a5d1570716fd65a03a257eae386ce6fb46cccee322f7bf1cdb9ee4871bd8d6046c6129dd3da79d9887d772499b2a37358f47 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bfe2944b9c853e52194e3adbeaafcaf7 |
| SHA1 | f192cf83dcf4ee32f564d20f375b5554295453a5 |
| SHA256 | 7af174332409fa0af338b9c137ce493da755daf506280747a21806d71748fdbc |
| SHA512 | dc2d5e4f0fd63e142ad0caabaedea46b085e738665353d536903564163e0e8456d19e71cdbee468aec6f07cadc58e007cd2fd4afa45ad9134e0191185f59830b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ee4e80d88f2a3ec5b8184d2c6c0c9fc8 |
| SHA1 | da4f3f98d3b6b13df23de1fe46122da4db6d3441 |
| SHA256 | 0bcff012d94a4ea52a84e1684966a1a9f59b5bea86b6cc6d35b70ee3b47cffdb |
| SHA512 | 5ad1051e70562b3b3bdfa5b2308065a76d44ddaa418d3379c0d507fa160420442968c29a61c5c7f42e1a12000b06e33aabffb993f1020213cfe5621013f630cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a9616b798fd52b660c139a237e0fcbf5 |
| SHA1 | cb30b40b09d4ab2e6508efc741cb05f401a315a3 |
| SHA256 | 273f16598fb62bb0043bf02d4d8464050112adfa9e6499598ab76cd0ea56ce03 |
| SHA512 | caae92f542f94335fd0236f2d5b31a7e911f05fffcb82270d4b26975162b06d9f941c1e9284a034e15b7fe88200d38060a01d5b2f97d8e027b6e3bbb3212ac2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b012d41f2ffdba2c4fc0ff485575a4a3 |
| SHA1 | b4a497a314743db18f956851558e71e4fcb6ec7b |
| SHA256 | 11e6ee2a74de3662444e46c25ce4f7218d4afaf4cb6133ee78128593247ead0a |
| SHA512 | 5582258668c7e8c3343180c24b3c8c929b98988d0cc2835681238253148da69cbbf399f9615547e2653d0bbd94374cda1a3ecfb67e92921cc520dcc270d0e611 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\000004.dbtmp
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt.tmp
| MD5 | ae1bccd6831ebfe5ad03b482ee266e4f |
| SHA1 | 01f4179f48f1af383b275d7ee338dd160b6f558a |
| SHA256 | 1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649 |
| SHA512 | baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | eaf3a16c04016a8a80cbe2c9ed356d7d |
| SHA1 | 569c26c75b3b12a820962c4697f770072204346a |
| SHA256 | de2884abeb3c624e5808ba7eb4c21c7a4d9522100998d553abb5c78e1e7d46fb |
| SHA512 | 202e8a937e25e094dcbb6800e7ebbbd024597771d70ac561296058a39a6f0851a3671c64fa70166014c6d46217818565e0ac73f599f1cd4c407c0da2d7fc7341 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 076f86800191e2aba6739819032e528a |
| SHA1 | fbf7b4cf8691286135aa386f7c10b277e10b433b |
| SHA256 | 0164a345d2d5ebf017232ce39777a8d5da5f22f91d97675bdcdd3a2d2630ceba |
| SHA512 | de63cbb5d41b0b6b48e0fae702d90e4c8acde2a37d8193641e8c2ceda558bb9cb693aa5bb0040850df86f397ee0c2a722173c0551b1b986c480aead6901b9207 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3ae24fb6c79023128b473f693696025d |
| SHA1 | 8423abf7d5895b24c0d2b434bb409e1825bc4067 |
| SHA256 | 4fa3c710f84f75c88fe263ccbcf7fc0b5f9def7866aee5033ec8247ade5bb02f |
| SHA512 | 7cdf5eb115fa771796eab08d8722d04e6ace2ca510d000e0665849d47e7ddb81726973bd4fa5bbda96e1e00acaf7b4f1773680e89200ba509eea3ee7bcfab23c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 0171a4148c37aed0c589293e1830ab90 |
| SHA1 | d43ad12fa2aff5aea1dcb8d1ff3e338518ce87d0 |
| SHA256 | 3692ddfbdb901eaa349c5980a69f7f83445780d6f928aede1e6446949c5044f6 |
| SHA512 | 7e91b067e12e747c9c8c2ff199537cd4f2d9529dd66db1e491fccbc05976b8dd3b0df966d8c5d2e2f3af74acc2a33a4ac15f82ab556f8c4a0a522512a06c209c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 8bb7086587c8b4ab97f28214192d46d6 |
| SHA1 | 9d29e9cf2f9097643f84da76014677b4146914f0 |
| SHA256 | d1624234f89db948002956086015c76fa98951d8fda1e5016ac6ca1dd48d3a8f |
| SHA512 | bb9173c2facb357df6956f0b804c2f05d2eb776cc8a6555aae0889d7c6d333afa9d4cdf1f002e1d09a8f907f3caa355d456d8566bfd906fdbb8ec001691ed373 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity~RFf78b635.TMP
| MD5 | 5e0efe296c9941087299db94470f8046 |
| SHA1 | 6d3628bf8c685902d5da0e671614b595876e0fcd |
| SHA256 | 3beb7e8d2d4063e47e3e946a3670a3c34187cec077b52b958220e0ac334b4a80 |
| SHA512 | 5ff7897fca07aebb0dbef62d9c2dd368d901881eddc286011cadb522ea0507bd5f780400b891100ddbef2db621a56c2810db681d5a481e0d2d15c428844d78dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 39f5b823173b0cf354e7368a3dec3c27 |
| SHA1 | 118b5db30ac3ebc510dcb5abed13775dc4217e12 |
| SHA256 | a55c8ba9c3c4e7c4f7d0320b949a10c5c7a52c8ef919c78f8559a8271f92684d |
| SHA512 | 73b4e9531830e49e026eb1a190a61ebc2ee5189dca705f4b9ae27b3e399878eea72cc713678e0449a7b839676fccda0ba4a200fb8ede68608a64fef479f9a356 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 2024cdad299255a42b88d4e9eba13d12 |
| SHA1 | 66ee48a01bff7380aa51a72c13cf5f9e182c4b72 |
| SHA256 | e21253bffbb064f34162347ce543920309faf49e797d1e4cbc194265a6cccd6b |
| SHA512 | 6cf403d3185e9bd8a4d31e14ddadf14e19c44ea8e0fa3bca4a6780c0f271ffa6658907e2f071d5f5b8636e550b865f3d77eda0b1323d14e56718b72801cc0a57 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 806891d2faaf0f078213acfd16bcc346 |
| SHA1 | 7070f4a0c40d72ea90f69d230a8f1a9411d8b746 |
| SHA256 | 987298b2875f61e43f04b7f94b6b8f3a2584408a4801aa7166a1322b4017d7c0 |
| SHA512 | 03fc18fc0405e9d97cc49056a6be2399ced9a2222a7370f196c56ab16b329f5c28311986596900f604ee54b829d07bfff383f5299640b418d325e82cc27c7024 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 29f65ba8e88c063813cc50a4ea544e93 |
| SHA1 | 05a7040d5c127e68c25d81cc51271ffb8bef3568 |
| SHA256 | 1ed81fa8dfb6999a9fedc6e779138ffd99568992e22d300acd181a6d2c8de184 |
| SHA512 | e29b2e92c496245bed3372578074407e8ef8882906ce10c35b3c8deebfefe01b5fd7f3030acaa693e175f4b7aca6cd7d8d10ae1c731b09c5fa19035e005de3aa |
C:\Users\Admin\AppData\Local\Temp\Tar3EAD.tmp
| MD5 | 435a9ac180383f9fa094131b173a2f7b |
| SHA1 | 76944ea657a9db94f9a4bef38f88c46ed4166983 |
| SHA256 | 67dc37ed50b8e63272b49a254a6039ee225974f1d767bb83eb1fd80e759a7c34 |
| SHA512 | 1a6b277611959720a9c71114957620517ad94541302f164eb872bd322292a952409bafb8bc2ac793b16ad5f25d83f8594ccff2b7834e3c2b2b941e6fc84c009a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4d6dc0d8b68176c6182ad8768e2a898c |
| SHA1 | 287d9c38f9a796f3021bee55a9594599b20df1c5 |
| SHA256 | 65c7273af0a595f11d4c647907cff2443e1280b578b88ced21b1180e5808ac49 |
| SHA512 | 71ad708a1d66a3d8be5c39ef7c651558c5375321adb878765d6cbca16da38f9118e324d1e0972230abc9194947230fe0fa9f2f11cdca75055611b14ad4e1457f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 3acd9ce9405ec3cc578df797936ca7ba |
| SHA1 | dc477c7fb0ea028415ba9395c9cfc1b2d699102e |
| SHA256 | cf2e41115b4bf9725965b1cabb0248702a47da87cc084408b1d39dd7c7f491ce |
| SHA512 | f806d3255412e78ab96462d655daa78bb65f58a9fb5bff9ec71cad5dbd60eeebc554cea5792519956534c3b521601d674a614740b14dc42a50bd9fd78f6039ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 482c8dd2963bde5e3b0e80d3937df181 |
| SHA1 | 1d9c7722159c863e1451895bb8610e771a5db203 |
| SHA256 | 3a822749a7117a8106aede2e78bc40a6dc315f9254b04a6042329f4cba401cd1 |
| SHA512 | d7b99d0b80882758750302843d1232dc30470b92f3c591919311d892c48b3584674d37995cc6eaf2e2af4baadc458a5e01f8b04a88a30e00d2593f8364cb7a3b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 90121a240df519ddc0843ad947ab7050 |
| SHA1 | 99d7bcb980ed522bcff1d13512435d57df8f3232 |
| SHA256 | c85606f1a8e13330ef402d5830acc31130a65ef927df22dd57ea24b11327064f |
| SHA512 | 0c7e3318b74aa093f28e1738cd321d13a97e51f309f68be8d7c5a966aefb23efe183358e92c4c29b5ed1fcbdb2d675651ee09859a5b720105c4cdfc2290c48be |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d51bc0bd9d4d5981dd8d515e7763a2e6 |
| SHA1 | 14ee11fc233bf47140239e04f1ca42e84a037695 |
| SHA256 | b3e2b6bf83c6d31c441f15066c813ad98a5f7610a9bcaf51f4f91ae0d47d0638 |
| SHA512 | 58e72b04d32fb01c73f99305881485d3e2b9c50a253c00d174152b7d089538940df18ee78e00e994c0dee4eb258ae124f6f5d66b05ac5f10257ee614569141b1 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 0b1640051957f7d79e056bb9f66138b5 |
| SHA1 | 7e5a51c24c58af2b4c752ad3935ca57cbced3cd2 |
| SHA256 | 4ff62b01d230597726761f9689638d18b57fc776b910757337de0a877956ae53 |
| SHA512 | decfac0aa739889e6269df115edb18124c6363306fa6c72281842aa8f23b8634d8aa0f06113b88ccfa7780f870317750d1da8a755f27bb06a9fef7c9fc6c271c |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | fdbb227129f8264908e88589f7547ef7 |
| SHA1 | 1d97b51dacec34570c978d0a5d7c5da3ef0afe85 |
| SHA256 | ecfd2c3e21c67011aeb8d7f3527d9d5735b9eba5d58901179e4ee826319cafad |
| SHA512 | ab560e948a75afe18dc149bd08c26c8f08507173894ea2c9843daa27aa4fa1548e78b2e1d79f43bcd2fb4a0755f88b8057548372ff4ce4733453214721c7c982 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | f00e1aeae2db824f53f6800ec5c6f518 |
| SHA1 | 47ff9c1a7815eec8595947bdb3c5137c87bf6c8e |
| SHA256 | 7e52c5f1fce3cccb8757502504b3146df98044a0bac1137b02f7c8cc722b5143 |
| SHA512 | cbb695d5454727af32f939e5646ae2ec01760c0670356baa3f205353aa176517b775d1a56efeba91a59eeb15ad010eed7fe2f33c14898741000f667bfc3c3f13 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | ba1cf1214e37c9bc75bfb07cb3be3f19 |
| SHA1 | ebd71aeed5605f5586c9cf881551f9c2c52d88ca |
| SHA256 | b539b08ca7cab8058637753a65cfb6d4db7d3ae6ffc44fbf4bba891e7f7206ee |
| SHA512 | ed07fb59a32860c99b7103d11c50115fa171cb27b65fb279f696d44449c012c45b01ed4dfa6f11652dd54b5ec39b29e98de4bc05d4222ead20299db2a68b53fd |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\F59A01A8B782D93EA6991BC172CEFFB1
| MD5 | c5dfb849ca051355ee2dba1ac33eb028 |
| SHA1 | d69b561148f01c77c54578c10926df5b856976ad |
| SHA256 | cbb522d7b7f127ad6a0113865bdf1cd4102e7d0759af635a7cf4720dc963c53b |
| SHA512 | 88289cdd2c2dd1f5f4c13ab2cf9bc601fc634b5945309bedf9fc5b96bf21697b4cd6da2f383497825e02272816befbac4f44955282ffbbd4dd0ddc52281082da |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d64f4ada32d1d2187892fc45913a272a |
| SHA1 | 36a9133701f0bc2ef51a86b03c2c85c7336b6693 |
| SHA256 | a1aadc22c08f0677087ce5172b451386ff4a5a885450f442f0b9299e4f67fd9c |
| SHA512 | 67a1ef905a9cb73f4b03f417140527d7da9d188d586d995bb6eacefeaff3b0a4947826f976b3231f60d6bd4fdb53652ee5fd978a4edf37996ec6b40e8be82b0d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d1280ede3818b391f2b1b721b82cfa76 |
| SHA1 | 21fc683082515a3cad370585d662b8bd7a48507f |
| SHA256 | 0dc4d4bea1de342f8b824904ec8522d1e7a50faa16c324bd06e17be9993eb9f0 |
| SHA512 | 8f66672486b17efe8dd0c4ba353f188e7045e1d2058994b3505b2d248641f270ab735cbeff37ee820a179b326ec3c7d0d39cf1cab221d4a3ee439a6ce596727f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | aaf07da1a33681288e5ba62fea2c53c5 |
| SHA1 | d8697d34093fafc8e062a11a59ead8f16a659f66 |
| SHA256 | df605d33735426aac78d4b928c5cd14d3b760fb61322678a04051e1238cfa187 |
| SHA512 | f245a2a3487702354a49ba9cc9c17021e9d4b35fd970370025f2b56d1a156371f81948509727c6f641781f76812c5e4660014b48a5eda10c8b9bcce157f71522 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1053e02ded3f65342ae29dbcc41b311d |
| SHA1 | 028b7029642db1587d5e71c35610ad61d24a0674 |
| SHA256 | 81558eece741ea79af90b38520ea0c9fad93c0fb8d47b6706fb5b48bdc804f7b |
| SHA512 | a54ea142c35de2e6a874438e2c3088519710f255c636f672588a761d10c665798afbe45b12332364bcc15bfbea278f35581464fdc87917404c368045f13a5b2b |
C:\Users\Admin\Downloads\TLauncher-Installer-1.3.5.exe
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\irsetup.exe
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\BrowserInstaller.exe
| MD5 | 83a8f0546164c9ba1a248acedefd6e5d |
| SHA1 | 7652f353ed74015e7e78bc9f9e305a48d336b6d1 |
| SHA256 | e7c5072ec60d32022b3c818c527ad86f4985837a4f0e9fc6477f54ae86d9f1c9 |
| SHA512 | 111d11acdaef0036ff5cabeb16ed55bf4c681fa6eb3c006af450a0ebadae3e213a8f3abb0f4a9aecc8e893af7a79b4eb7f74a5fc3743e338c3e3136b5d7f9f2d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG2.BMP
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG3.BMP
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG1.BMP
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_1\irsetup.exe
C:\Users\Admin\AppData\Roaming\.minecraft\TLauncher.exe
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG1.PNG
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG4.PNG
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG3.PNG
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\uninstall.xml
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG10.PNG
C:\Users\Admin\AppData\Roaming\.tlauncher\Uninstall\IRIMG13.PNG
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\Wow64.lmd
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRZip.lmd
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG9.PNG
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG14.PNG
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG15.PNG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\14001eb2-648e-4a79-9dcb-59aac99a3feb.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Temp\jusched.log
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Windows\Installer\MSI3D47.tmp
C:\Users\Admin\AppData\Local\Temp\_ir_sf_temp_0\IRIMG17.PNG
C:\Windows\Installer\f7b390b.msi
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Visit Java.com.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java\Get Help.url
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java Development Kit\Reference Documentation.lnk
C:\Config.Msi\f7b390f.rbs
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\runtime[1]
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\host[1]
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\l10n[1]
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\layout[1]
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\OORQXHVT\rtutils[1]
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\8ADCJI8Z\common[1]
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\4JZQ5QLK\masthead_left[1]
C:\Users\Admin\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9ZQLLOZN\masthead_fill[1]
C:\Windows\Installer\f7b3911.msi
C:\Config.Msi\f7b3915.rbs
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\release\tlauncher\appConfig.json
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\release\tlauncher\2.921\dependencies.json
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\release\tlauncher\2.921\resources.json
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\cache\https_repo.tlauncher.org\tlauncher-sources\prod\release\tlauncher\javaConfig.json
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\432a088d-25ee-441f-8bf7-006859d28f14.tmp
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\java.logging\COPYRIGHT
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\java.logging\LICENSE
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\ADDITIONAL_LICENSE_INFO
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\ASSEMBLY_EXCEPTION
C:\Users\Admin\AppData\Roaming\.tlauncher\starter\jre_default\jre-17.0.10-windows-x64\legal\javafx.web\LICENSE
C:\Users\Admin\AppData\Local\Temp\+JXF10711506172565550399.tmp
C:\Users\Admin\AppData\Local\Temp\+JXF16261016623253492544.tmp
C:\Users\Admin\AppData\Local\Temp\+JXF7698762062476785704.tmp
C:\Users\Admin\AppData\Local\Temp\+JXF17859702503759809978.tmp
C:\Users\Admin\AppData\Roaming\.minecraft\TlauncherProfiles.json
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\net.properties
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\security\policy\README.txt
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\security\policy\limited\default_local.policy
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\security\policy\limited\default_US_export.policy.tlauncherdownload
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\security\policy\limited\exempt_local.policy
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\sound.properties.tlauncherdownload
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.base\ADDITIONAL_LICENSE_INFO
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.base\LICENSE
| MD5 | 3e0b59f8fac05c3c03d4a26bbda13f8f |
| SHA1 | a4fb972c240d89131ee9e16b845cd302e0ecb05f |
| SHA256 | 4b9abebc4338048a7c2dc184e9f800deb349366bdf28eb23c2677a77b4c87726 |
| SHA512 | 6732288c682a39ed9edf11a151f6f48e742696f4a762c0c7d8872b99b9f6d5ab6c305064d4910b1a254862a873129f11fd0fa56ff11bc577d29303f4fb492673 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.base\c-libutl.md
| MD5 | 2e89a282a50f8702e52703464e6937ca |
| SHA1 | cfc22a6f5b17cd539234d5b3160a5224abefadb9 |
| SHA256 | bef40679922d6fdfb7e4ddb223ad6722300f6054ba737bbf6188d60fcec517f9 |
| SHA512 | ae459d8ce5581ea57e203088373c1ce86d122d0e27eb871ee1383e0e64cd8a184fa207eee0e835347316e70afa24a1c95aec30def3e09d15ee19a0b2c3ad2095 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.base\zlib.md.tlauncherdownload
| MD5 | 440321d71d082c9f04a9995b613bdff2 |
| SHA1 | 9af688d499b3026ec8e5a2e266dc4b9b4884a87b |
| SHA256 | 81518ebc49d23a7c77b2e08eff48664ea0c7dd90957a0caf22fd9654985d3285 |
| SHA512 | c516403a109630b79998f3bea6b698247a0b5367cc9873defa75014e8c98c690d34d0810d32792d80fde1333980ac6c5f19324743795cb6455ef0ee4979496bb |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\logging.properties
| MD5 | 0f00ec3e7a7767a4efeae1875fb5f3d4 |
| SHA1 | 167808418571e9209b952188ddab2f4e62920e68 |
| SHA256 | b62d2733ab99556b108a1951d894c5a8d76b1ac7a00c02c388f9eb9be046c56f |
| SHA512 | e869f4a3b821a9933796dc9a56ee00483493369dfbfe07b3b1d895cb8318c6821cd44134eb37513f15b830c25861b596646824ed56672d08b678fefe6a4c7504 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.desktop\ADDITIONAL_LICENSE_INFO.tlauncherdownload
| MD5 | 512f151af02b6bd258428b784b457531 |
| SHA1 | 84d2102ad171863db04e7ee22a259d1f6c5de4a5 |
| SHA256 | d255311b0a181e243de326d111502a8b1dc7277b534a295a8340ab5230e74c83 |
| SHA512 | 1a305bc333c7c2055a334dc67734db587fd6fda457b46c8df8f17ded0a8982e3830970bee75cc17274aa0a4082f32792b5dbff88410fa43cc61b55c1dce4c129 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.compiler\LICENSE.tlauncherdownload
| MD5 | 663f71c746cc2002aa53b066b06c88ab |
| SHA1 | 12976a6c2b227cbac58969c1455444596c894656 |
| SHA256 | d60635c89c9f352ae1e66ef414344f290f5b5f7ce5c23d9633d41fde0909df80 |
| SHA512 | 507b7d09d3bcd9a24f0b4eeda67167595ac6ad37cd19fb31cd8f5ce8466826840c582cb5dc012a4bd51b55e01bb551e207e9da9e0d51948e89f962ba09606aab |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.desktop\giflib.md
| MD5 | 867001e2a577f88cfc856f45959502aa |
| SHA1 | 109c11cec13349212ba94b9f3eb7d0943229938e |
| SHA256 | c8b99f33890887d27ad56fba9edd8ebbc668cfe0689168505a95613d1d4b32f8 |
| SHA512 | dafac31d75a7ab4ddd7666799a24abf22c1583ca22554a738cc26a77bf927b20dde52f12194670a5196bce3a43bd58de46944291727c8877fee1fe4a38a1f1ca |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.desktop\ASSEMBLY_EXCEPTION.tlauncherdownload
| MD5 | bd468da51b15a9f09778545b00265f34 |
| SHA1 | c80e4bab46e34d02826eab226a4441d0970f2aba |
| SHA256 | 7901499314e881a978d80a31970f0daec92d4995f3305e31fb53c38d9cc6ec3b |
| SHA512 | 2c1d43c3e17bb2fca24a77bea3d2b3954a47da92e0cdd0738509bffcdbe2935c11764cd5af50439061638bba8b8d59da29e97ea7404ea605f7575fc13395ca93 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\conf\security\policy\unlimited\default_local.policy
| MD5 | 2a0f330c51aff13a96af8bd5082c84a8 |
| SHA1 | ad2509631ed743c882999ac1200fd5fb8a593639 |
| SHA256 | 8d8a318e6d90dfd7e26612d2b6385aa704f686ca6134c551f8928418d92b851a |
| SHA512 | 2b0385417a3fc2af58b1cbb186dd3e0b0875e42923884153deee0efcb390ca00b326ed5b266b3892d31bf7d40e10969a0b51daa6d0b4ca3183770786925d3cde |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.desktop\lcms.md.tlauncherdownload
| MD5 | 04a8a77cafdd6185a3506eccf7a83346 |
| SHA1 | 1acbec21e9eab8bd2bee9826353c1e768d5457b5 |
| SHA256 | 8acf00b5efd25c1c055927222fd3c26b0c9fd02ed02e478c225b64e7a24d9782 |
| SHA512 | a91faa243a09bdfe62714859b9b4420e8434dd09693a6a280e1c8ef6694fb7858d0171fae4ca36721b685e3ab8bc8000c5635bf3789250a5b9081130eb4ff57c |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.base\aes.md
| MD5 | 2e33468a535a4eb09ef57fc12a2652d0 |
| SHA1 | e64516f3fa1e72f88caa50f14b8046dd74d012b6 |
| SHA256 | 45c6d4da48325edfbff3dcf71c704e504c057904435ed23c6d57046d551eb69d |
| SHA512 | 4d14b5ddbb4d09797264ed29ba71fab6986b4a9e75efb9402c1476e0a9e2884813d6a922dea125643b4f74e1f3e458f4e48d6c840e0f4d16ed72ffbc4611dbb2 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.base\wepoll.md
| MD5 | cef1d92ff8ace278bd32ac5e18735b86 |
| SHA1 | 6c7d15e2b8f3e99527458c8ea33420ee1d34af7b |
| SHA256 | 3ac2992770080453b98c42afa807ba4b2c1738ef756b92a55c645f55e7df48f0 |
| SHA512 | 12aa61ae93fc626a230f39f44ca11c75086fd9bb50f2794fb9fec29b9bef924545fc19d9cb38fda631560ca78ae8e587144cf3cf3c83a6b336bb4711611393bf |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.desktop\colorimaging.md
| MD5 | 0889fd01a6802a5a934572d9bd47f430 |
| SHA1 | 7a7e547452ee1c72e8b0d96dccbe315f62d5b564 |
| SHA256 | 04d61e3e8e71dd452ebe52008af5378d9f6640d14578aeb515dc5375973b0189 |
| SHA512 | f5872960470810cdbdc2db1dfb216cab88203b23400b16e157c8654c2eecff8d9b26ce066ec18718c8e6d54ee1c54533fdade395c454210fed5159fd4a7a0adb |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.desktop\mesa3d.md.tlauncherdownload
| MD5 | c7e0d19c8f4eff11e97f0eb9afd3f7f4 |
| SHA1 | 6a98ee2703132e181f37d162452f073fb64ced83 |
| SHA256 | 63f4e6f75caebbccb95d903fb43e46ac7111b3624d0a34f146b276d7d9e7b152 |
| SHA512 | 9c4111728ab9472f0b160cb11ce1e4ebd75a83cfddca0b3cb87243d15afc5a7fa34dc6006e6b92084648cbad1426f70b405259f589cdef758442643e1618dff4 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.xml\dom.md
| MD5 | 13952c46b3867103ad7d1e9c6c9e906c |
| SHA1 | 4bf3f9908314b05f3b0f6e27be2c1fb7e25fffbb |
| SHA256 | 6686e8877667584a3a7c07344baadca1a03e29f677162d87c3c0811e990d1148 |
| SHA512 | 8c71f226f0f07b471aea6b8e715434b5eaa6b4a59a653ec22c2489e743e9288a0c4537f479719f9d58737d0257470c9cceff9ce647a96e79fd757a4cdcfed499 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.xml\jcup.md
| MD5 | d19594fbf6eab2242dc29257905d8ded |
| SHA1 | fbdcbe5a7e7d91d440c200f5fb00e0cf6a81976c |
| SHA256 | 8d5dcfdf50455a3c34c753a98f21e953248af200415a9084e3f102cb6c43b8bf |
| SHA512 | 7ed3e58f189f2922f7543d4617308d0c35f8adc2e7cbbb6fbba49d33cdd5da64c6edc022ae9842c28e58d97b056a245245c816003978f1e0152236636ca72ba5 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.xml\bcel.md
| MD5 | daae908a4dd474afec9c010d416acb2d |
| SHA1 | a59717166af2e8fa9ecd6d622fd6b82b835acce9 |
| SHA256 | 853a1e7ce397bb10de0e2b3bde0844bcc651f17d983decd07d2d003c0304c311 |
| SHA512 | 25f2189643a113616f53cd87fc96df01b55602bfc3f6653e48c310de03f6d79ccbbec58936d54b88052e32d68c646017bf75b8a179f59fb9d2c5f6938e351a4d |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\jdk.crypto.cryptoki\pkcs11cryptotoken.md
| MD5 | fa24b7e2a61a7045cb0c6c385000681b |
| SHA1 | 869fc0b687986ea26b8ff63c137e03c92234a5c8 |
| SHA256 | 262802e081760b38b3748c8b194353d340e39bc936ac22e17abbb7158d895811 |
| SHA512 | 2676cfdfd61762c7b6171985e8cfe1068c36683ca43753a1ffb10241ac61a74c9be1c00be22903df85ba6954fd908d77de60903c316506fd88b9679672ada968 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\jdk.javadoc\jquery.md
| MD5 | 8ef4ab67241efd69eaa3df9871fa0dbd |
| SHA1 | a20a019c3b06d4263b00f5e89ed394a52b8c1981 |
| SHA256 | 0716943682c624fd2f49b3a718a2ed4d6386e872fe741f1c759573ae24509d3e |
| SHA512 | 1f85e70e166146d81457f05be906f18b9b16ed82bed5f544f090d894b8d0cb1ff4fe5fffd90022f06f2024b2dbf74a30f2940a21941871358469b1f9a1a19998 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\jdk.javadoc\jqueryUI.md
| MD5 | 86bfe7b4e5cbedc085060a2c3f13febe |
| SHA1 | a98cfdc7d73e016ce8b23c1d00daa3d2d3c03a3d |
| SHA256 | bb0a0e89ebd824df714516bf64b9101c62081e4b376f00f929a58c09555bf111 |
| SHA512 | 2656ab0100db997c9306be156af613861c9071a3be1b26f2882a68424e37d1b17674183729c1ba1024302011d42658058f024ce98db5bbb4d528c498ddd21d6e |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\jdk.crypto.cryptoki\pkcs11wrapper.md
| MD5 | b77d1951df7a8488eb84ce1d25486a14 |
| SHA1 | e35415235ec3bbcb92beeceb03a9a8e7c13a6fce |
| SHA256 | 371974b1fca3744a3892c7ee1fcc593b8b4281fc218f4cafd2f709e9df5fd81d |
| SHA512 | 759c75f87309b67c56a5b7088045e04be7c023ecdbaea80842e22b81b0bfb36026191070471f8b08fef47ec73664611ce0453b4a9818f7708c95663733ee5ce9 |
C:\Users\Admin\AppData\Roaming\.tlauncher\tlauncher-2.0.properties
| MD5 | 3bbacc68dbdad222c3a08f2872937d20 |
| SHA1 | 49dc161c003e30233c6a49f131b0fed6739a442d |
| SHA256 | 97512538fd8d8da2a2cfcbbc0949c7bf4ac4b34975457b9a0900956685def482 |
| SHA512 | 22b55afafcec2d777e7491e3cfc1cab3f1e8ab4dc17a92f7453d5ef9fd27358d34c1d1182e6b650cc41b4f9bf966ade2be0d9a457e049381b187a12849916a34 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\lib\tzdb.dat.tlauncherdownload
| MD5 | 2fd920c56de68f65493ba6962fd079e1 |
| SHA1 | 1e79bff02711d3dab3c75e90d4bb08f8086c9626 |
| SHA256 | b7dba25abdfee317daa042c89b01e5711f5781d020dd733ba411760b72addb93 |
| SHA512 | 958f835407e4a10a268bf76bc2ef0196ecd5fa92e139de4c3760544dbdf76f95e67865bac22406aef8ac5ae7508fe63cd1a688c8328e46b73a5867efa4f18d47 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\lib\tzmappings
| MD5 | 4c30d7867505379a18a27d0e8f03198c |
| SHA1 | 0cc871d5bd91e061d676a861749af68bbc0ca9c6 |
| SHA256 | b41575b332809b37ad423bdca30c7c48cdef3d82f82fa9d534781a6f15d6a2ab |
| SHA512 | 873d329682ce67267f438b88eee0fc25cecbbcc1f7d694118417ad12756ec2b6ae7502ec4eea0cc9b4ae8b9e68f5f8877762fa13dea89c4a6dcd54fd8bf82c56 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\jdk.internal.opt\jopt-simple.md
| MD5 | 4f3f190fd212329afc39442174ca4b3a |
| SHA1 | d7e25adf223e68d06276ae7666bbc96590dda442 |
| SHA256 | 99bc67f93cf57d6d20e6047731c93fbb267d70fbdd4115d119e0f85c6efe5c05 |
| SHA512 | fdd3d2fcfd865f62dad0ba2617ea816c78a3dc9d99d8991ffb5eb479fda37317dc3f70b0dcdb1847ffe4432947690436ad4046bfb056c37e2991e6fefa8b70c0 |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\jdk.localedata\thaidict.md
| MD5 | 2ea6eb55ca40902554aaf2fd20a76ba8 |
| SHA1 | e5b9e88e174c797c313d6739e7e34772b723bc4b |
| SHA256 | c326144a2351c9608fa708b5d7d3c5a3da03e82b66479b128e9db4969539824a |
| SHA512 | 5221112cd8ef83b636dc4364f53b72c5484a5885acb55c2c071c88d23058093caee38578f7e424ecafdb483ccc0bc8e78d7ac13add536ec824a8eac171a576cb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 920f9ee9de474c5b57489ccbd8b75060 |
| SHA1 | 26ee3d939aca7c9f570460e1c81a73ff999754e6 |
| SHA256 | 2c81cf4ae943d367d2bfe61acc470f5f59e0c686d5f6754b6176844e77230860 |
| SHA512 | 801ee877c721ac6f92e345c56622ad0eec258eef38dd51040506b9198c8ad1278d715775a1429f228acf6f630a9ccb78b6b379de2ebac4b085e5d7877a8f428d |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\lib\jvm.cfg
| MD5 | 7ce21bdcfa333c231d74a77394206302 |
| SHA1 | c5a940d2dee8e7bfc01a87d585ddca420d37e226 |
| SHA256 | aa9efb969444c1484e29adecab55a122458090616e766b2f1230ef05bc3867e0 |
| SHA512 | 8b37a1a5600e0a4e5832021c4db50569e33f1ddc8ac4fc2f38d5439272b955b0e3028ea10dec0743b197aa0def32d9e185066d2bac451f81b99539d34006074b |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\lib\security\blocked.certs.tlauncherdownload
| MD5 | 8273f70416f494f7fa5b6c70a101e00e |
| SHA1 | aeaebb14fbf146fbb0aaf347446c08766c86ca7f |
| SHA256 | 583500b76965eb54b03493372989ab4d3426f85462d1db232c5ae6706a4d6c58 |
| SHA512 | e697a57d64ace1f302300f83e875c2726407f8daf7c1d38b07ab8b4b11299fd698582d825bee817a1af85a285f27877a9e603e48e01c72e482a04dc7ab12c8da |
C:\Users\Admin\AppData\Roaming\.minecraft\runtime\java-runtime-delta\windows\java-runtime-delta\legal\java.base\public_suffix.md
| MD5 | 1411e0a639389f2dbb2b21490a5c0713 |
| SHA1 | 1706fdcd0dbf23d793f81f4130c81a8d16b4f765 |
| SHA256 | e662969300048d914f80265eb516021ad2b0015c7e7eedd45c93655f11f256d7 |
| SHA512 | cbd16c4c29a51669f51ff9817ed33e29b871df215fb252a946c3b4e80fc83d4f0e4e1b32d46c2998924092e4b14585666f748b598708773dc6d2432701d6f627 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\9d51a2c5-9ea7-4593-8c6a-e2eecc9c6c15\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | daca8a970792450bb3fd7934f1d174f1 |
| SHA1 | 8f8f0745c3c09cac6650d809b3242bbc3d9c9431 |
| SHA256 | 0b1935fe4c37d6a421496575065e9c9ffb1aa052bddb4bd41fd754653cd8785a |
| SHA512 | f361bc62e5cbb489a0bad71a96fa0e93f078758c2f85e9f655bbf09dc7bd845163e67914ea8661b53237a37b40dfec79491e1ee9ede6fd933da9c14d2e2c2294 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | b3eece9f7aedb6e2928f188c600a0d1a |
| SHA1 | 5cb87acc213437e8f06edcddc14b5f11920682bd |
| SHA256 | eaba2ac7861e79f22302113207c67faece4c47d69b61d81a38897612d406d7a2 |
| SHA512 | 9ed86ea912fbd4aaca0df63df0438129431472e4e8cab615f29fcdef49db140fb1f1e006fa78eef40f00ad9ef2ad759d72904d0abaa08507859fb6d72f4aab57 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\efcd9e80-4dda-4666-b89d-5e3576e4e077.tmp
| MD5 | e6639fb5ceb3508c524bce8fc64a97cb |
| SHA1 | 973bb18b781e7a4a40be9de04dfca851fbf438c8 |
| SHA256 | 016c480ab968ea0028b14f808cfb75b745747df3b98b8dedcddb379a1cddecf7 |
| SHA512 | 2bb241ec65bcda307117402a8e635046599ba12ed5775f3f8961f203a8dc89462bfc4c7ea6e24316e6ffb13d29060c4684a8c86d6a7fb0145f788e4d7d14cfa0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 77718b05cf44ba24102b0569351e2c4e |
| SHA1 | 0b3df548b3f874bbd206c102111b9c08916da7e6 |
| SHA256 | 1d10ce81cf0c842ce5e9ebf1ea60751f0c2258acfb100da5bdb45b99f3f02030 |
| SHA512 | c2a4f394d52ff127cb908331336cd7eb4a26a7bc3440029b9be389cdf8b93baf7616129110f8ee50af2db20785dff899a06a2cfb48e85e2d40617b9dfdc82877 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 93e7db96090aa5242270a640a7a551d5 |
| SHA1 | 85708a3ba0e2c564420b52739b687d47354898fa |
| SHA256 | 6eb604040cc37b44ee97c5b0aa6c0cdd987e0b2563afa07a977e006d33d9cc7b |
| SHA512 | 30f1a247d5434ad9dfd44f6e5b6ff08de0c367ca266ef0f327c33e23eceac31d54a2c41ccd94d5beb351ab190b8eb9ff39363b3f97b4d3c954faf7d275c345d0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity~RFf7f44cd.TMP
| MD5 | b5e93f7bd19e9c47e3a7b6ac99d0d16f |
| SHA1 | e7fbe9b71b1c429621ec91ad7342fbd798887a2d |
| SHA256 | b3467f77ee7a97986704c7d1b52a951520fe6d167a11c630d1a5269ec80b413e |
| SHA512 | 9efe0417b0d50e3a03a6b9cf79428dcc85cf956b17a504924b428be064a1908940834effdc9fee1ff8796abe52c96846a71feb53df807d2d594aad84965a1112 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a5c79e3a86d1b4daeca80eb0f7ebf8ff |
| SHA1 | 9a8f4ff8954c0ef12ebea36334edf694ff5b274f |
| SHA256 | 1690118676e25d224c241dba6fcf037826758a29a971ced77c64e296cc1ab6d3 |
| SHA512 | 1e105901633dd8089cc56e442362b905b7625c2754b5b6765378e08f00be703169b7ee19af93ba1f7b0a416fc627e9fdcf22633cc8218c3a09711b7120ec09bc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | ea7b43a0f83db9f5babc67c1a76d3352 |
| SHA1 | b427a62c455f3d7d07423207c66e89b8810a5ab6 |
| SHA256 | c0885d44a102eea9659bfd361768ee4744160247b6cc28a9d673239adf67b660 |
| SHA512 | c9216662ae40febbc903ba8255e91e0dac1c17f36d736e0dca440c49537dfe6d593db5b58980149fde62ce24c7fd262b2c8f55399cde6f0d77ace7fc57a86b7a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | c47b3f6a1a126fe1699f5582455a7edc |
| SHA1 | 70e9886e95ab21444f3b54fd85e0e9f7d3ba0751 |
| SHA256 | c332ba99c7ed1a2d2a913855e7fcffd96a981099cc2a238e0ebfce2972ce6b47 |
| SHA512 | 70b1d7f3f4e7f707e5260d36dce88206dc574dd08facd0c1e48598e01e2dc96ede547313c7cdf94a7dd408b6007ffde5e5b05a16dcc5a023f9a79e9533348094 |
C:\Users\Admin\Downloads\@#!!Newest_FILE_2024_PASSC0DE_$!.rar.crdownload
| MD5 | 499c8489f689878d9d125ecbca84338f |
| SHA1 | 001272206af504a522d7f8a138ef0a26d975b451 |
| SHA256 | e1b282855485c697ea3d4b8b56b19ec65f6d0e65d039aa4f709e0634c45e5189 |
| SHA512 | 0a5fcd24c0c16a10910626054d3e8e2673cdbcbb9892fee6c8e5f1f0646ee680e3259410943af52b35c0f2715bad4986886a9b9a9803a0c72c3e255e244fa397 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9f6d9303bc0c7915ea6614a9d0fc7260 |
| SHA1 | c1c2eccf13067107f9ea5a7794207df2232d2151 |
| SHA256 | c8f1dde047e61e8d2da522b26a88bb68fdd7ff792482358c98b863f99d3c0364 |
| SHA512 | 6bac7c449be7663fbe59c416dfaee39857e7b4d3beae9fce9d88f066fe47ce49a9a0d616bf49ce52b5ce02a024655b6743dedb89ca9ff49a770c82724c22e1c7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 03a87484474cc875bf72bffd95577072 |
| SHA1 | 9048b4ac9ab42597a35f4bdcde79fc7ad86d4e35 |
| SHA256 | 8c0d8ba6a406b1ac664e9f2a89520d59a4043869177eafcbce667ec907cd03ab |
| SHA512 | eb41adfd4f1be2b84f9d165a8f2e96e7ee0ac4b287dc29ec3f4609902ed3ff4567abc632321be5dcf05f496a595b5b906797cb4043cb01553fe683d1be8f5ef0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\15c7859f-a05c-4f68-aa60-f220f5d957a5.tmp
| MD5 | c30a694402daabb2d5af0965b64f4897 |
| SHA1 | b33189eaf05ed94a956398b7e6f19e3785f2a937 |
| SHA256 | cd4f3d2742b25a8f3de584d8a9d9e8d4e622b1b44437edb99e1159b3ed0366b1 |
| SHA512 | 1df4333bd577609390dc4086774852431b4ab66a242e9079ddabc9588f0a80587415c9478aea2a536b0fb91c74cae320facaeeaf0122a6ec196c893b8fda626b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 6d6191f546499a445cc418ed9126a85e |
| SHA1 | b075e8ebc77ad367bbbb943a94279f6cb4bd08ed |
| SHA256 | 9c6f5895cdacf5a161d31e20c10d1f50707b2aaf2ad56ad4857651b99c986535 |
| SHA512 | cd53dab36ee0ca3120366a9af5b85395446185330f913ed6ab281011e6fc7eee15e4677b27ad15f4bd092afd29f98f548e1ace159effdb06c2035c405b9bb2c5 |
C:\Users\Admin\Downloads\Setup.exe
| MD5 | 5924ec85948544ceadf7d1721fb5fcf0 |
| SHA1 | 52a89fb0a90ac1c545f019c476728369ec5a9dfa |
| SHA256 | f46c8174d101b3b16983cf872f54577790326f04390e543ea5b9ce5730e9e4ae |
| SHA512 | b22cd9b2bb4e32f98f4c6cfe35050a6d601f21162b39502b9d32558c015d9e2a20ae5821fd5fe7ae2f6fb72feba4b3b03e71b76a77fd5485ad20eae3df6cc422 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\df9f8edd-4c0d-439b-a9ec-604f2b09bed4.tmp
| MD5 | 8666d8689d63991d66a36f71f95590aa |
| SHA1 | 38d830f28d34a79758da08e092232892c1d790a8 |
| SHA256 | 0fd0a2db2a7fde3aa436217a62c7cfb25e0d2a27bca85f7ebec0465bb3408760 |
| SHA512 | 4294a34789f5e0ae73ab09c2bef966290b0d721127b1b765de8e3bca483b795d6aeae6136370ec2968fef91795b4e9b35679c5e360bced6edce4c66ddbc44985 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 356b132855e25dd28bc3641db53cb3ae |
| SHA1 | 6d0a5c59d2fe96c6c62bd8fceaad1cd7fdb7527e |
| SHA256 | 6709d9e70b1a7bcb6406b92399b84fb2114bb5e5d7c39512d83d44b4ecc8ee32 |
| SHA512 | 66d142a6f2c72131cbe42370de5df5e8209ede1f15c20213353be084d3656011ade4c3267d5a4559dea7abe2a17229f4421ab10355787f5cb4074ca3fdcd2ea8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 84528be2158f66556a191d8257d5b3b7 |
| SHA1 | 62c3be6b6f412c70d8219a97dfacc60c7f346fb0 |
| SHA256 | d5c5eb33abb98bb20fd1fb650de0d75895bca6ad3d9b9417ebe13398f87a5e43 |
| SHA512 | 41e1c9209969294a010303d96ee9b6206a627c58d174fcae4de1c74fcd91bc2e7e4392834ea9430398cdd0911ca1526ae64474a3bd74fdf708a933c764e8a23a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\0e04d456-97a1-4e11-a839-06045f0e03a0.tmp
| MD5 | a73acaea25f623f15a3a5554602eae6e |
| SHA1 | 35c15447d041c956349017229c2cec5b929c2900 |
| SHA256 | 4d5df5696b77fb7764c63b81a62ff1e01d40dc53e93d5b46d117b9f553d2decc |
| SHA512 | 3744309c5fe74469a380233870f9dc28607b3436699e5290ee170eecde7c9e6fa56a2b8dfea0dfe3eace583196fdd112f9c96ea2fb0a5152fc2d380070a9f598 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\b76f10c2-14eb-45df-9e1a-37c3541632f5.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000013.dbtmp
| MD5 | a6813b63372959d9440379e29a2b2575 |
| SHA1 | 394c17d11669e9cb7e2071422a2fd0c80e4cab76 |
| SHA256 | e6325e36f681074fccd2b1371dbf6f4535a6630e5b95c9ddff92c48ec11ce312 |
| SHA512 | 3215a0b16c833b46e6be40fe8e3156e91ec0a5f5d570a5133b65c857237826053bf5d011de1fcc4a13304d7d641bcba931178f8b79ee163f97eb0db08829e711 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000008.dbtmp
| MD5 | 589c49f8a8e18ec6998a7a30b4958ebc |
| SHA1 | cd4e0e2a5cb1fd5099ff88daf4f48bdba566332e |
| SHA256 | 26d067dbb5e448b16f93a1bb22a2541beb7134b1b3e39903346d10b96022b6b8 |
| SHA512 | e73566a037838d1f7db7e9b728eba07db08e079de471baca7c8f863c7af7beb36221e9ff77e0a898ce86d4ef4c36f83fb3af9c35e342061b7a5442ca3b9024d2 |