Malware Analysis Report

2025-01-18 22:04

Sample ID 240502-xndwysga69
Target بهجت صابر - من ميدان الكسميات ..mp4
SHA256 8f76628c5258074c8a43a644bab240c1b6b5d73851831580b328e4f5bec90687
Tags
Score 6/10

Analysis Overview

score
6/10

SHA256

8f76628c5258074c8a43a644bab240c1b6b5d73851831580b328e4f5bec90687

Threat Level: Shows suspicious behavior

The file بهجت صابر - من ميدان الكسميات ..mp4 was found to be: Shows suspicious behavior.

Malicious Activity Summary


Enumerates connected drives

Uses Volume Shadow Copy service COM API

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: GetForegroundWindowSpam

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: AddClipboardFormatListener

Suspicious use of SendNotifyMessage

Enumerates system info in registry

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-02 18:59

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-02 18:59

Reported

2024-05-02 19:02

Platform

win7-20240221-en

Max time kernel

141s

Max time network

131s

Command Line

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\بهجت صابر - من ميدان الكسميات ..mp4"

Signatures

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: 33 N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Processes

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\AppData\Local\Temp\بهجت صابر - من ميدان الكسميات ..mp4"

Network

N/A

Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-05-02 18:59

Reported

2024-05-02 19:02

Platform

win10v2004-20240426-en

Max time kernel

150s

Max time network

152s

Command Line

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\بهجت صابر - من ميدان الكسميات ..mp4"

Signatures

Enumerates connected drives

Description Indicator Process Target
File opened (read-only) \??\B: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\R: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\T: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\V: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\I: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\J: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\L: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\M: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Q: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\A: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\G: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\H: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\K: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\P: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\W: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\X: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Y: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\E: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\N: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\O: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\S: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\U: C:\Windows\system32\unregmp2.exe N/A
File opened (read-only) \??\Z: C:\Windows\system32\unregmp2.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133591500205196324" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-711569230-3659488422-571408806-1000\{8141DB35-56C0-4746-9C5D-6F2227A170B0} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Windows\system32\unregmp2.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Windows\system32\unregmp2.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\SystemSettingsAdminFlows.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 828 wrote to memory of 4148 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Program Files (x86)\Windows Media Player\setup_wm.exe
PID 828 wrote to memory of 1588 N/A C:\Program Files (x86)\Windows Media Player\wmplayer.exe C:\Windows\SysWOW64\unregmp2.exe
PID 1588 wrote to memory of 2320 N/A C:\Windows\SysWOW64\unregmp2.exe C:\Windows\system32\unregmp2.exe
PID 2444 wrote to memory of 5008 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2444 wrote to memory of 1888 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2444 wrote to memory of 3908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2444 wrote to memory of 1616 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files (x86)\Windows Media Player\wmplayer.exe

"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\بهجت صابر - من ميدان الكسميات ..mp4"

C:\Program Files (x86)\Windows Media Player\setup_wm.exe

"C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\بهجت صابر - من ميدان الكسميات ..mp4"

C:\Windows\SysWOW64\unregmp2.exe

"C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon

C:\Windows\system32\unregmp2.exe

"C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab28bab58,0x7ffab28bab68,0x7ffab28bab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1720 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1896 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1996 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2988 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4260 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4416 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4688 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4716 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4736 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4628 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3224 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4412 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3084 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4760 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3488 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3300 --field-trial-handle=2368,i,12867445572548142672,6166536662763646129,131072 /prefetch:1

C:\Windows\system32\SystemSettingsAdminFlows.exe

"C:\Windows\system32\SystemSettingsAdminFlows.exe" RenamePC

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffab28bab58,0x7ffab28bab68,0x7ffab28bab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2184 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2292 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2964 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2972 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4424 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4704 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4784 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4900 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4696 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4880 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3332 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3308 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4604 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4936 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x304 0x490

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1924,i,2540600739417511742,4320540007244587603,131072 /prefetch:8

Network

Country Destination Domain Proto

Files

C:\Users\Admin\AppData\Local\Temp\wmsetup.log

MD5 486c0fe9e7f2ea9976bb466be15324ba
SHA1 b5b34cbd14f10f1fe0ca7a830178e155236d99a2
SHA256 eccfdc9c82ee039fb8d6b85328f43b83cba1e75d831aef4182956cae7eea88ad
SHA512 4e4a0942e4e42b653923fd9c295d43264b9f42ca82cad6e46adf75d0de6121ec20cd540acaa90bd66d837c27c1cbbe4ca9f654f2775b63828d6e96374ac989fe

C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML.bak

MD5 7050d5ae8acfbe560fa11073fef8185d
SHA1 5bc38e77ff06785fe0aec5a345c4ccd15752560e
SHA256 cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b
SHA512 a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

MD5 987a07b978cfe12e4ce45e513ef86619
SHA1 22eec9a9b2e83ad33bedc59e3205f86590b7d40c
SHA256 f1a4a978ce1c4731df1594043135cf58d084fdf129dd1c8e4507c9e06eac5ea8
SHA512 39b86540e4d35c84609ef66537b5aa02058e3d4293f902127c7d4eac8ffc65920cb5c69a77552fc085687eed66e38367f83c177046d0ecb8e6d135463cc142aa

\??\pipe\crashpad_2444_CPUNJOHFQTFGZAIH

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 43ccb1f0a374fc344e3db97b366379c1
SHA1 93c2a49ad2da7f93188a53fdce1ef946eec9be58
SHA256 f07715e2a1ae9d9ff67a6282e2cdcde646db557213b11a8a4e42c6509a986d71
SHA512 5ba158a333a5a65c5f1c3e1bfde75bda985485a21c6b9bb8b30d34a1b7bfe07ddc61bc4c91b0c456d924b7405cfcfc8a5e43d7a74d88e258f6e7a26ec6bc5629

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1f8afa15d0180e8af6a8b8a4ce18d579
SHA1 27ef50158cbadff3db40cae90fbc67aaf041d471
SHA256 2af52258127bcf07e1f05e22198ebb4c9ea966b06ae65f18ed2d49cf0f5f05b8
SHA512 9fb3ee2ad8fd88e2a925365a0babc556bb499e32aca234f442a8a6f5d92d1cadef7751df1e9ca6405161c21dee8b4f3620cd1566c4c00e5228e9ba023434c81b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1e20acf82843aa60d447e4941ade52d7
SHA1 ca579947a2b314c04de53f46c6b9e53552a6358a
SHA256 6c21e915f66c3218b39fbe19eb286232e1620f78fb9dae5b95b5ae3a8aa54a5d
SHA512 de6e9364c6e10dbf65efe596a3519f2f9d2b8bba0fadd52e5904ec1b4bd4744ac7f118758bd48b922a0dc92450a04783fa10afe1cc262594464440634d206b16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 69905b5e58655bfd6da6b6956e34af64
SHA1 5589f28c2bc2abc1fb34dd36521a435246c90c91
SHA256 1d20f1e477452195825cf4be4f80057d25c011488ba19e810fc88f3ba544de60
SHA512 b2d431e1eb4886f039af35f5da6187aa47dc49537536778dbd5eba33eba45f78e53b9ad74a02de98c164908bdc20d27e5d419ca29fabe898a76b8e33fce7a9cf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5826da974c3d66ed40371c890a773063
SHA1 3bcfd1c1cff1a3dec88d6a33d3ff2ac269a89265
SHA256 367d51d9550aa83db76d455ff499eafb5e2e9bd28f197d459a8a5955867e4f1f
SHA512 1c7a47ff5fdafd31014c5d5a991f83cd0e438330599f30d885e74b76475a12e1cceffeef9f9998f8fe63a244943b0cb53384b47e20f9b486ec00f3dbad323d9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59cc25d4cbdf92789316791d0ff7b333
SHA1 91027753746346f33e43c8b5d34d962df81270f8
SHA256 03cdfd81f6eb4e648a967850b4d11c987a86d5569dc0e2ee94098ddfe3f654d4
SHA512 7477afcd57e9f2ded91e11ccb387f592ceef3b9a4d153ba4e09d63badead294442035de343d2fe9545452877da4456fc3136352afee5c76711b6da1017c7543e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe57c331.TMP

MD5 f3ef56b602f38aeac8fa2d4d282a09e7
SHA1 dd69acd2882497422ab64a35b14b1a702e2c897f
SHA256 b19a3b124371a4b400d3fe12541ef5e3095705363272bc86dc505c9cd38150ed
SHA512 74318a21da08c331bb94fa3ea70e833bb95826ce1eea3af4ea8d3da1b0a0bbe8b8bf833c0b5812811ce8f86ca05ac52953eb3fab016f9d95435e920c3868b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 94275bde03760c160b707ba8806ef545
SHA1 aad8d87b0796de7baca00ab000b2b12a26427859
SHA256 c58cb79fa4a9ade48ed821dd9f98957b0adfda7c2d267e3d07951c2d371aa968
SHA512 2aabd49bc9f0ed3a5c690773f48a92dbbbd60264090a0db2fe0f166f8c20c767a74d1e1d7cc6a46c34cfbd1587ddb565e791d494cd0d2ca375ab8cc11cd8f930

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 56dc2c982ce2e14f0412c465ba648ae7
SHA1 59e8e47bebc8fbcec06595211382ef09bb92048d
SHA256 c99b78b00d9d9e9934e2941f9b4a4531ba5aa3f68eeb3ff299bab2186f16e63c
SHA512 4fcd2dd64fe374aa185775edc819bdb4713f5cb005831b1ebce84fbe2dae3f1404c4baf51e7eaad98b34f5f66f7259fe260b59a4ca3ae63bede62d1e16b77bdc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 15327c2643253f560beeab9e0b7c5a4f
SHA1 ad4cd0e2c27b0322c6ada155e6ac28c98f7959d2
SHA256 94a8bf93c4f6a0eb07a234452d321740df32df29938ca20444f83382b52f0cb3
SHA512 7be46e11e5610d95f3abb81994e788ba1f9c5dd6ce8a44f2078fa0df8e2b212c0ae607fa8df85382c30f1a6d7fda357bd449829b872f60dfd8db06f5d757873a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 622a4acd00ddd648b23af0c997c0db9d
SHA1 c66767e240c1c0a9a433e81717463fc5647120e1
SHA256 2e1ab8714180fb84dbe6bfc64c6c6d0ab00454a5824be5c9d9de480284d91710
SHA512 ae94dbe49417c75763f46ef648287741f909814e5828365e781b525fc2e2b341af378205a9e5324d114b6a09bff7e92bad116ca95f251fc9c511e969bbdc5a04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3d756f4bdbc1aa01844c099fe2ba2294
SHA1 2f6f70038bf05db86ab5fd4536731828a575b4a1
SHA256 f17cd88600998e5b61a59fb840ec7d95744b5210b77b002acaa28181f41ee216
SHA512 e849b4d40ec46dbdc2852601ca6d22bda920fb8432c379953d576e9000b56a3e342cdd82e2a4aee2fc6f12dd2c8ebe133838c43350c8968badedd4f2580944de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 f498f590825faae8c3ad9b429166f6ce
SHA1 67ca65b5361dd4f21194183f19b0162f23529e32
SHA256 f7182fb1fffa1b53c54d9c4722c2325795dcb63493fd44280a6f271c33ac2206
SHA512 a9d50673f36e0683b2d68b7871a104918c58a2de73172da4ff2ff939275954a9d3b23ce7bc050f582037cbec2f77ee2df3669ae9af3e23b5cee634cd34a6864c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 084ace2027a777a62b2171ab44af1de1
SHA1 0aa2e666284354626f0b4eddab0e9416ab34f200
SHA256 ac0316f217118a5845388e7df399854ec218e94a1239f1124983f190d40925a4
SHA512 bda34ecb93abaa6fd6e72405756a4926897a98316a5a124c031907bde2401700cde982ab8d15bbf1e3ca88f01da4140fc5a1d6d7bbbc815c9fb5a53e99a72677

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ccc4ec7fd24b8b00fc8bcc9f2041a48f
SHA1 2c96cbafd835d03580bb31da7ee97842510f3810
SHA256 f3119c63a60eebc486d378e6e19aa878db08373675c6c8b37886b22e2e0caa67
SHA512 aec3b0743de8eab2b983510f359b34fab6079c4c4ceab08b9ce611e2dce1843bcd8e179dcf1dd8aab4f2fccf36c64cf7d72d494df6be0582ef69eb86c9a56cf5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 97195a582f6c7730e2fa5a23295bf8f7
SHA1 d3f9b8d342e0857481aa08c1435e2d979a3a8156
SHA256 5f16b4a608673114006aa2ca172bc62e2af2788b16f1ad80bab027fed11e9808
SHA512 3d54e8ebde9e0fbbfd64f499ab81c4272e22c83be96b4a41368b2a6dcdb134062ab0ef0c6c072c53ea9427a7d069843d1bdb9c39cacbc9347b32dabd2df727b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f157369c04e7552e987c231518582cbb
SHA1 bbb08072105cc43cc5fbe9905ae19afdf079bd0d
SHA256 36c639367c663f1fa94b8177827348540e30446d01d3c70b0c867a3efccf799a
SHA512 7a2feed41da09619554d86985fa86f63edaf6e2a521ea5d317f5761bcf77fce0b68cd6df38f9ccbd5f2904669250d0b6a5ba6ac1b57730dd2a5985130864d0fc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 ecca8993047150870094c763386eb4e0
SHA1 e77376a1868359b6270fe9924477d645bd5d7d1d
SHA256 bc2822a5efb199dcc655254b162e8e690280697a639ba9b6901133798470dafc
SHA512 28eee493fd526ef4227665583b28d600954d71babf027c2aa6bc8d72684d4ebe8b84436dd75a7fe29b6d17c8fd91f27a08e4d9deb53e8460a518bd7c09ca297c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1904_1957804019\Icons Monochrome\16.png

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1904_785640206\Shortcuts Menu Icons\Monochrome\0\512.png

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir1904_785640206\Shortcuts Menu Icons\Monochrome\1\512.png

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a6ad3bf0-5b0f-4ecc-8d11-51acd15b48e7\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a6ad3bf0-5b0f-4ecc-8d11-51acd15b48e7\index-dir\the-real-index~RFe5973cf.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\a6ad3bf0-5b0f-4ecc-8d11-51acd15b48e7\index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c
