Malware Analysis Report

2024-11-30 20:12

Sample ID 240504-phv92sgf24
Target https://github.com
Tags
lumma stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com was found to be: Known bad.

Malicious Activity Summary

lumma stealer

Lumma Stealer

Executes dropped EXE

Suspicious use of SetThreadContext

Drops file in Program Files directory

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Modifies registry class

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-04 12:20

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-04 12:20

Reported

2024-05-04 12:22

Platform

win10v2004-20240426-en

Max time kernel

126s

Max time network

125s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com

Signatures

Lumma Stealer

stealer lumma

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\GitLauncher.exe N/A
N/A N/A C:\Users\Admin\Downloads\GitLauncher.exe N/A

Suspicious use of SetThreadContext

Description Indicator Process Target
PID 4996 set thread context of 1856 N/A C:\Users\Admin\Downloads\GitLauncher.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
PID 3484 set thread context of 2168 N/A C:\Users\Admin\Downloads\GitLauncher.exe C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\erode.exe C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\hello.bat C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\hello.jpg C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\ C:\Users\Admin\Desktop\Fn cheats.exe N/A
File opened for modification C:\Program Files (x86)\ C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\date.txt C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\hello.reg C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\launch.exe C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\mover.exe C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\msg.exe C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\mypc.exe C:\Users\Admin\Desktop\Fn cheats.exe N/A
File created C:\Program Files (x86)\shaking.exe C:\Users\Admin\Desktop\Fn cheats.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133592988291498335" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zG.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\Fn cheats.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3936 wrote to memory of 4776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 4776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 2068 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 1876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 1876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3936 wrote to memory of 3044 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9af77ab58,0x7ff9af77ab68,0x7ff9af77ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1556 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4332 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4616 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4512 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4772 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3280 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\" -an -ai#7zMap3998:86:7zEvent2399

C:\Users\Admin\Downloads\GitLauncher.exe

"C:\Users\Admin\Downloads\GitLauncher.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Users\Admin\Downloads\GitLauncher.exe

"C:\Users\Admin\Downloads\GitLauncher.exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4304 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1872 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --profile-directory=Default

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff99ebd46f8,0x7ff99ebd4708,0x7ff99ebd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2100 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3384 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5096 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5140 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4792 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3640 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5560 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5560 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5592 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5932 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,15670295080942907943,5495190161776887597,131072 --disable-databases --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5992 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2648 --field-trial-handle=1920,i,11119051437444820231,1587785177212297259,131072 /prefetch:2

C:\Users\Admin\Desktop\Fn cheats.exe

"C:\Users\Admin\Desktop\Fn cheats.exe"

C:\Windows\system32\wscript.exe

"C:\Windows\sysnative\wscript.exe" C:\Users\Admin\AppData\Local\Temp\FC5.tmp\FC6.tmp\FC7.vbs //Nologo

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 79.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 140.82.112.22:443 collector.github.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
US 140.82.112.22:443 collector.github.com tcp
US 140.82.112.22:443 collector.github.com tcp
US 8.8.8.8:53 api.github.com udp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 75.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 22.112.82.140.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
N/A 224.0.0.251:5353 udp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 183.142.211.20.in-addr.arpa udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 auctiongutollyjkui.shop udp
US 172.67.216.141:443 auctiongutollyjkui.shop tcp
US 8.8.8.8:53 acceptabledcooeprs.shop udp
US 172.67.180.137:443 acceptabledcooeprs.shop tcp
US 8.8.8.8:53 obsceneclassyjuwks.shop udp
US 104.21.20.88:443 obsceneclassyjuwks.shop tcp
US 8.8.8.8:53 zippyfinickysofwps.shop udp
US 172.67.148.231:443 zippyfinickysofwps.shop tcp
US 8.8.8.8:53 miniaturefinerninewjs.shop udp
US 172.67.173.139:443 miniaturefinerninewjs.shop tcp
US 8.8.8.8:53 141.216.67.172.in-addr.arpa udp
US 8.8.8.8:53 137.180.67.172.in-addr.arpa udp
US 8.8.8.8:53 88.20.21.104.in-addr.arpa udp
US 8.8.8.8:53 231.148.67.172.in-addr.arpa udp
US 8.8.8.8:53 plaintediousidowsko.shop udp
US 104.21.53.146:443 plaintediousidowsko.shop tcp
US 8.8.8.8:53 sweetsquarediaslw.shop udp
US 104.21.44.201:443 sweetsquarediaslw.shop tcp
US 8.8.8.8:53 139.173.67.172.in-addr.arpa udp
US 8.8.8.8:53 holicisticscrarws.shop udp
US 104.21.40.92:443 holicisticscrarws.shop tcp
US 8.8.8.8:53 boredimperissvieos.shop udp
US 104.21.72.135:443 boredimperissvieos.shop tcp
US 8.8.8.8:53 146.53.21.104.in-addr.arpa udp
US 8.8.8.8:53 201.44.21.104.in-addr.arpa udp
US 8.8.8.8:53 92.40.21.104.in-addr.arpa udp
US 8.8.8.8:53 135.72.21.104.in-addr.arpa udp
US 172.67.216.141:443 auctiongutollyjkui.shop tcp
US 172.67.180.137:443 acceptabledcooeprs.shop tcp
US 104.21.20.88:443 obsceneclassyjuwks.shop tcp
US 172.67.148.231:443 zippyfinickysofwps.shop tcp
US 172.67.173.139:443 miniaturefinerninewjs.shop tcp
GB 20.26.156.210:443 api.github.com tcp
US 104.21.53.146:443 plaintediousidowsko.shop tcp
US 104.21.44.201:443 sweetsquarediaslw.shop tcp
US 104.21.40.92:443 holicisticscrarws.shop tcp
US 104.21.72.135:443 boredimperissvieos.shop tcp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 github.com udp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 216.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 30.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 10.160.77.104.in-addr.arpa udp
US 8.8.8.8:53 96.242.123.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 virustotal.com udp
US 216.239.32.21:80 virustotal.com tcp
US 216.239.32.21:443 virustotal.com tcp
US 8.8.8.8:53 www.virustotal.com udp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 www.recaptcha.net udp
GB 216.58.201.99:443 www.recaptcha.net tcp
US 8.8.8.8:53 46.34.125.74.in-addr.arpa udp
US 8.8.8.8:53 21.32.239.216.in-addr.arpa udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 232.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 region1.google-analytics.com udp
US 216.239.34.36:443 region1.google-analytics.com tcp
US 8.8.8.8:53 recaptcha.net udp
GB 142.250.187.227:443 recaptcha.net tcp
GB 142.250.187.227:443 recaptcha.net udp
US 8.8.8.8:53 36.34.239.216.in-addr.arpa udp
US 8.8.8.8:53 227.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 227.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 216.239.34.36:443 region1.google-analytics.com udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 13f5f4bd5a2f3e552e78d92932ad09b0
SHA1 24d0818e6d6594017a5144f4de7f9e7a3bbe44e7
SHA256 eb022b215c1f071d5f3001002af661c1f2db6fed4f1970586dd94fd611a8ff51
SHA512 d2284fbb601d3512ea89ee3d52cc7cffbf435e37f205c06e5e5f89e64229ed31eb6dcfb17aaf10ff3e05451540c4e5aa1698b0cea1f7839c639f618175c74ecc

\??\pipe\crashpad_3936_VKIMPLOAFTWLEQAN

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8dfc5ce77c84cc4b6f09be3fa27fb4a5
SHA1 9a60e51686adebbbdfc9be5f71872262adc5a554
SHA256 39132304943b787796cff306112832825b386d2f7d740ca3b2e8c7dcca0384e3
SHA512 a51747acd9f751c053552f3b637315398787ee770dd99e8ff2df8b1c0c88926df754ba53c45a0fcc62cdca5f831408de773b58557d54ca77f7d4ec644420dde0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\12001aac-719b-472c-8435-96bc060a67b4.tmp

MD5 baae8dac01f6cf95956d7ef8f580e877
SHA1 415496fa212aa84bdcfe5b4a025c1b7856d638c1
SHA256 8c7022cb88284963b200a9587a46e4ac2a17f25b688e9897c101b76ee22fc409
SHA512 4a9a5c726d0d319b043f83f34f06279bdfc363536618de7633fa3a76c4be7cb8e9d838efda263415e30f34940d9bf19c52b1eef989089d9381a8b068b4813558

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 284e060c87cc9e32681696b0841e19b9
SHA1 82abdb7f55328b63cc1e310b1d6289b48a3f4b9c
SHA256 1d728b969b86fd57edfe1542091629b12332c92dde728f5f3448291adf95191d
SHA512 496093d21355762d3998e6439e8df72c3590854b71d8a1e077b4e74f3591e7db198b08277a913d202b4c7afe45a6f9424df207c6c8726082c5c717100087b5e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 0c2234caae44ab13c90c9d322d937077
SHA1 94b497520fcfb38d9fc900cad88cd636e9476f87
SHA256 d8e6f62282e12c18c930a147325de25aef1633a034eaf7a3ce8de1fb8de09912
SHA512 66709f74b19499df1e06700e1c257e14a82ca4287194e4b177b3f333748d927f413c8c459a35e7e5a2f92d28410b0129f106d94e3dd85bc0dd0b986add83b18f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 a4b04ba2b9a56f5911fee0c29629e53e
SHA1 939e8e65e22ae978a6b63dd1400fc6f58c5015eb
SHA256 523d8983d24e050e6e7e1f43d0caca6bd77bef38ec046d181b13bf32702fc025
SHA512 1c3357e9ecd3ac0de53d14f5d4c8d8d0aeafd30cb2e0dd6cfd1be68cca4fd4e178e79938a5ffe9a17b43e4f60f6e8e08c1054fa44160377fea740da70761c80f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 e1831f8fadccd3ffa076214089522cea
SHA1 10acd26c218ff1bbbe6ac785eab5485045f61881
SHA256 9b9a4a9191b023df1aa66258eb19fc64ae5356cfc97a9dda258c6cc8ba1059ac
SHA512 372c486ac381358cc301f32cd89b7a05da7380c03fa524147c2ddf3f5e23f9b57c17485aaedc85b413461a879afc42e729547b0c96c26c49bbdb7301cd064298

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 80fe74d9f9ccae0733b9074b04abd7ee
SHA1 5eb360c59cad789cf729f385a24c8cfd6b92489f
SHA256 d3e71213254bc6f3f889d63aa5c63439f267bd2a83d20b3a018a6b6c8a31741d
SHA512 fc3ced25b1aa4f0d178238777b0a4831c59fe6655bfe3faa01a04b5ea68433608b0cefaf1550af5f2891a387db0f6550a6224c0117bcd02918389b3f5e2dd4e3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1dc52e8da3672d1deea1c58f4b878637
SHA1 03ae491a3365555c9fbcd1784084ff9a0fdb32df
SHA256 b46a7eb5fe749ef0135b8427d28a80d78d4d90af4700f4c6385ae110c09fe014
SHA512 c567b2f81622a04ed34139e1c9120c711b0e8dca4f8c5791b5e996fcb7d0c69a20f25678b51f42d4a62f8608306acbab60c8f2af04e14897f3db235caaea0798

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a607d521a7fdb233d63501143e19def0
SHA1 f52b8f37ebf4b00b5356ec58696720c099d76db3
SHA256 46d96a84e92ccb8108f7ae078307ca3544f9050b7fe98d21585c1a39a7819959
SHA512 f765888c668ea2647414faf9542604854683542ecc881181cc7f8cad737ccf9600ebba6839106334be12ea86df0d9f47b4a5e7ac43401e0bf6f519c1fd9f9e5d

C:\Users\Admin\Downloads\GitX_Launcher.7z.crdownload

MD5 069f13b64164834c3a828a0fd97e534b
SHA1 4bc89d1c4f5435336003d8ba2c481bc55acbe5a6
SHA256 0c1f893bee868b0faa022118c63375416ab8911b11772e53bee222ad1eaa3965
SHA512 95479f2cddaf33121c0efead417a367c8d108093bda95a57197586b66cb4ae56246cd9531cd4824997241bfefdad3c4e579aa6683c1c9528269745996edbe38e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a053ac5676a427f5dbcdc63a846fc62b
SHA1 a95756944348207ea6acd1f092e5da23b8db31f8
SHA256 b1377f3b39f13ce0986880bb7a0821085178475a102efb7c0be6aae6cc3b96f7
SHA512 6daef2d5d7a5e6419d277c387bc9ba16c05d05dc6e05e2632c586335928426b15d6820d4e04988207fe5d3faaf7fb64fe4726089a1ff065ad5fb52931dafdd2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 45be7b4d96b75d8c33291d410035a704
SHA1 1c0b8ec14fb0abc702a58e6de6eb064311730e1f
SHA256 d137a4a51b65c7709bb535ab4ccaa78b1ae9a558e4aeadf3810362086c262369
SHA512 df6f1feef4ad3e80baeb85e6c02505bdff82018c54841138d3bf8092e731ef38b02a13e140accba5a88fc28203ad888b21778caa4679aff515dc262f3fd14dd1

C:\Users\Admin\Downloads\Packs\pv2.dll

MD5 be068132ece3f794f09c9d6b5ba20b91
SHA1 859599fa72d128e33db6fe99ba95a8b63b15cc89
SHA256 59dcecb111aa15159414819f4f522e7f90597939cab572b982beebee5dc0efdf
SHA512 13829ae9b7bd0cba95800075b24570f3c70a6c4b3d4b3c4da76b0077e37c75194e929d8d56a2db69e22a319ba5077d188a6f3baedd1f69f79979717d6f6d1b6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 36ddb7f36ff9f2b070decd94e3ccae9c
SHA1 2faae80292e9f6849d66ad89f4db2539e5e6ab6e
SHA256 11835abb54e21a72054a626f1211a1443811494306208afed1b0d2d0e566a88c
SHA512 682ac3b107ce6019b69f036dd95adb33602861e73440d902990310aa10c2803b57e67d66f598f57fd3880044ab94b28f27713e9df45e7c44c6b9a46c7eae5585

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57d66a.TMP

MD5 8532b9ee325adebe87d60027d8f54d85
SHA1 bee246c97ae86feccece52d8c4a5766482ee7041
SHA256 5ba9d7875fc7e2e23aaf56c2b9b76e3b1b788b9434f5a0913ff2836c1a22e981
SHA512 fda711b144aa3b786194c32edf92e70a5effb6a1c90243942bb1d7d14ad20ee2660948a81030ce40c1137a77b83183e8ff5956236af4ac1b66d794eb17e68b8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 bef762b4d54c1c438e25e375b6a97ad2
SHA1 166cce4f288b92b4cbd1755c8e5fdcab2e3081e9
SHA256 d5bec037177c1700e6294cdc3f887120ad22e275e2497341c3214de8a40cbf75
SHA512 7703bbe49777a77eff4799161fec96a532cae5232064c271e001cf23506d54734ef497e19c48d3c040373a937914140de52bdd071497fce029694eb71c000d26

C:\Users\Admin\Downloads\GitLauncher.exe

MD5 82d13b4eb079d6dbae0053678b6f30cb
SHA1 996ded004512c4719755ee19808297cf5df1e859
SHA256 0d2f692015a50d9b3dd7ba2133963b68005041af69eccfb79eb9326167cf019a
SHA512 d4f6ec199247d6b9139d201a0be5be83f31ccd0a34abadb0c18a3e398396c92ed6ed73369cf52c6983b15e1a0d5b14485e883cb307c46046d30038f7e30cc2d8

memory/4996-857-0x0000000000DCF000-0x0000000000DD1000-memory.dmp

memory/1856-858-0x0000000000400000-0x000000000045D000-memory.dmp

memory/4996-859-0x0000000000D50000-0x0000000000DD3FAE-memory.dmp

memory/1856-861-0x0000000000400000-0x000000000045D000-memory.dmp

memory/1856-862-0x0000000000400000-0x000000000045D000-memory.dmp

memory/1856-863-0x0000000000400000-0x000000000045D000-memory.dmp

memory/3484-866-0x0000000000D50000-0x0000000000DD3FAE-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 cd295ef4ec5d8bfc3f179c0b248934fb
SHA1 7b39dbe778718f422774be141f3f418e2b764efc
SHA256 c090bcfb73297d2267dadc4e4dbd51eac69b5583e7737dad8d4107c9848bef57
SHA512 de38b21eba324c29d2b98c100bf5c85b73e96e98a002207d1689ec6072205cae08e27fb18ca4fddfa9fa9e6d06db93adce76e403d14d374219048eac82189cb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ff1c2cdc18ed865a_0

MD5 24c07caa5a1f248c778e666a33d7fd3e
SHA1 573415540725fe1d691f215a9d4c7242f3eca423
SHA256 85c3761ee70bfc778aef71ebdcf1dfceee9a3583e62b36ed7c847b8b024af6a6
SHA512 59391a635e78f14b3b1df23c2509668d20a48cdbfd13ab7febe6f60129749899a0a4f739ca2da1b407d96885317ea72ff6893b4d852ab8f174c74fb888189d88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 279a08187fe6dd2fc9af819e4a104b4d
SHA1 9d3cd1b396cefa97cd2de96a327da6daa457950c
SHA256 ea3b8ac34dd2156a5c83cc7d282db609ac01c87e45d129839630580e7cfefddc
SHA512 9c19e345474f6535253fa4c6ff1a230069752b7c34141924a90c1c54975c26759851cd618d10af601c3b169593b935364fce8b0662d3282ef4520e23c3b0fe37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 4198d48c0b84377cd1f64674dc181d84
SHA1 1cde0394063127fca963b4c1b417020723608641
SHA256 c168d99398ff7ef9cb0ae9d9060cc460c6ce2a798d2ecf85c41c91a8ab0179ff
SHA512 73d6093479c6e085104f423d6c115bceccf6d0c239182fb9052eeef1215c8cca8b3a7a2ede071ad4e6c8f381005cea02ec94d02baa076147bc39d901f4414d52

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e3cd7e04cb52e4211d0aaf9443be5833
SHA1 f22cc0ff39b7a1b38717e42ebabea533c622d327
SHA256 94f1d23f7260bc9adc38ea8f3dcbfeebe2b1f9c66faf1f367934b525923a73b6
SHA512 b8932fac20f198078eb059317e2444f8dd9cd4dddb2d453a33817a7323eb828f6b239073ceeaf9e75377bfeadc52b290dc11672d41b6e639190a099210fdaf93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fe89ee27e7f130e4806795596ca81d7a
SHA1 357056e5f47e714649f3e20a42175a786f103dd3
SHA256 31ba7886f30480f005778719c582b8f5819a4041331e56514ec25e92cac9ac78
SHA512 c36956d7b46c2df076a10659c0b233543a28e6cf2f8677add7306bb7a29d56fa2b116a719c5b9ce13691b744ccc2535eb721fa24587cc16a73680c81e834f9f8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 36324be5f26f8e2388374ca586ffa32e
SHA1 8dc454a0de80decb35389e53fb43ba6ab9a30f30
SHA256 85ad65cd37af13e9ae54c2a185eba242155a667cccc9ee4f19c42c3e27b331c7
SHA512 dbcba9d3a53b4ee9a760da8547ec531f23fa868dc6c5fcf87c5c191706cf58a0dfe42653f79f416a0edcc9597bbb57219f90180f313c85575698345a0e8824b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 015809c7fedadbee9101f6f4e4b04922
SHA1 f2eae69818193ccebac7a13b7e497f3b1110a2c5
SHA256 12147a4e7a3e964607b1e6c6350e39af8e46cb380b03259b7f6ff66da6b8ca30
SHA512 2bddf1f8ff7e2786a74a689d7c542651ea97b497dc301db11f445b5a8ab631c015227c38aabc1109fcf5168a5c23be8894de567114f773c906adc6dc4ec4f944

C:\Users\Admin\Downloads\Fortnite-free-cheat-main.zip.crdownload

MD5 7bd22ac23476a1faea5638d44b218584
SHA1 9d1a10685775a4f213ab63a2eda60571d0d179c8
SHA256 6268b944bc19b7d342f6864fad29227bf88319574417bb635e7f421aa6e0262b
SHA512 c8979fe457a9dc6191d5297e5812ec4062c660e1242afe1b0f3a2717694c6013ff60a0348112ed995eed386ad9b974f779dd75200f07d4f5a932d811f1a615ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 091074dfaf748e189790cd3803223a1c
SHA1 bd2a190d71b992b894c56b8d071a6598fad89af4
SHA256 8efd5d84c907f4a67724333a8e8139cdfc0a375fa177b20fb0a976163d7ab21e
SHA512 58334d2c5e2c3f139bd1cdede32b8eeba08c6781b2093a2ba87c72a98aed8455e5a3fa423953d62740ea07b0d30188494b744c1e94e3d610bff8695154336ed8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d1b7d88e6f0e2afe06229c0d6ce2871e
SHA1 d5a1b6548113dd5e7b2cf9e25f9edac3d29866d8
SHA256 f2cff956a1dc47c3eb10a5e9c1a952121392b63b9dc637478ece31487b911bc2
SHA512 5b9b746ecf47ac1c79bbc6a5467156842d49c998f727e8422e1162e0fef8731757dea18dcf0114cb4fdae5f74343030f19717d52a2d301a6066cfed224fa1f0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 df702d826f008320e42a9139bc80fd40
SHA1 659011391c621d79ab15c19fc00b3418fd036e04
SHA256 c2b2c777534a87f48b068d0354c76acac18a2f0e386d1779cf7154f6937cc973
SHA512 5b958bb2c3022cb828f2bb61d4e4319d7a18bed85f50aed87a13bd0a2ada097377071e55b4a9581a3cc5746c2f4c5d7a3d942d00f7dae2cd8608d84aa4d15c53

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5ade9e22697109d2b19d33dad5ceedcb
SHA1 751ce0da794b82131dcba84eaf7a2ada8a6410fb
SHA256 30e3ea0633c79fb6014d4b6ff0c3d606bd5732f4ca953954a588d77fc3e0aa5f
SHA512 92e85c46941b0768655f9cc2a514d36dea18407cc19ecc4bb9413b52813f0fcb5eea4cbe49e5a19c08d30ebc4b8558ae4ae6a6e34d65dde8b02ebd8275edfebc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f53207a5ca2ef5c7e976cbb3cb26d870
SHA1 49a8cc44f53da77bb3dfb36fc7676ed54675db43
SHA256 19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23
SHA512 be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ae54e9db2e89f2c54da8cc0bfcbd26bd
SHA1 a88af6c673609ecbc51a1a60dfbc8577830d2b5d
SHA256 5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af
SHA512 e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 565fceae2f9903506c15ed5275f03805
SHA1 fcf055c2eb6124e750cb29cdc4f2474310b6353e
SHA256 6dfbba09a8b4b0342c65fc05a4ddd2cd00133dd2d5a310747d7aab2c4deccce6
SHA512 fd729d333a9c4f38edf3b5bc486750574228c145f72566b1d51dbb315eab7081b1cf661fc853fff453f43389e197dcb4c7b4c2ef9f89a9d510052825d3d45098

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0457cda3e4f02858ee5230b888e22ae8
SHA1 7d82bcd34e2ce8b5e6af78e61e64061c3fc1de01
SHA256 60ef070d09982cf4d6b6027fec0612b5bfca7d5565c21cdfa147722b67e7d20f
SHA512 8279e330685fa686a0002b62713e0e3177fc2dfe29d952df929f6158172af954db0796c40b046efff23e343e87dc608b97ba72adb072a5f027771479318bf09d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 e5a9b2ecee84db4c8e37d5f112671c79
SHA1 2a9cd716aac7042e3ba683a002e9ae5b61a2dfe3
SHA256 922c7719010210794348c0f0ee25275c0c9a78f51342042d81cde262704ccfd6
SHA512 25ffa19dbf50a3c19e87a929e5c8ab5a8df40b0c1f1a5385d81317156cf63711b40fdffc4fe0ba49da56356f09896e8013e5b7f218dceafd71378124eb942a75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 27f0bc9ee2cdeb058f542ea758579d7f
SHA1 08ce0cbb66da43c61d9c2b66463d1d5848f11b48
SHA256 9240899804642c81cf20d0412e00d6c5f8210aae67b28b750e538634457347ea
SHA512 a4e06a2e1b37d0c54fa38ce912befc253b137f06e2c9702ac929c35e741cf7b744dd43581fba3ba090b10e5b59fd8d3e23b929841497b87590b7f850be22059d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 d4ac20cd23ad6244a71763cee232aafe
SHA1 0153a4973c62b35fb568b3fa1cd92aa6732e5c59
SHA256 2503671e4e05d64d3231d5ff016d0ace1d1beaa7820338da67f250d3663de387
SHA512 feacb0a6da2ab5d908f84749a0c8b2cb95870d3cec2f5136fc6b118cb432340d54985c90469c4144babc9125900aaec2e3056c4c0014ee7aa1d973580cb48dfe

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 350b76dee1d00ddc783bc5fc0ccc42df
SHA1 6d68d30a629f029d946809bc9f8e7160663f092e
SHA256 5c61064543bc182e15e7351d338151f46d962a1117e8ddc3d6ac368d431bdee1
SHA512 c9ff78991ad9e5e684783540df65e1125d4dcdcfe2e092a8583b2f8fc24072ca2ad435bd3b4e1e92c742839f966b4179fb857ff4af58ed6e523e8a1c849899ce

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Temp\FC5.tmp\FC6.tmp\FC7.vbs

MD5 67706bca9ceaba11530e05d351487003
SHA1 3a5ed77f81b14093a5f18c4d46895bc7ea770fee
SHA256 190a0d994512ed000cf74bd40fb0502988c2ac48855b23a73fd905c0305fc30f
SHA512 902ac91678d85801a779acbc212c75beba72f8da996b0ed1b148a326c2dd635b88210f9a503fbbffa5271335483eae972e6a00acbc01ec013cf355c080444598