Malware Analysis Report

2025-01-19 00:40

Sample ID 240505-1f6hsahf35
Target Alysum_dump.exe
SHA256 b28e4558ee0fb41cf2b2cfb687a60ca781137dee7129d97ed4866979ac2dd5ae
Tags microsoft phishing
Score 5/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

Score 5/10

SHA256

b28e4558ee0fb41cf2b2cfb687a60ca781137dee7129d97ed4866979ac2dd5ae

Threat Level: Likely benign

The file Alysum_dump.exe was found to be: Likely benign.

Malicious Activity Summary

microsoft phishing

Detected potential entity reuse from brand microsoft.

Drops file in Windows directory

Unsigned PE

Enumerates physical storage devices

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-05 21:36

Signatures

Unsigned PE

Description | Indicator | Process | Target
N/A | N/A | N/A | N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-05 21:36

Reported

2024-05-05 21:37

Platform

win7-20240221-en

Max time kernel

48s

Max time network

16s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Alysum_dump.exe"

Signatures

N/A

Processes

C:\Users\Admin\AppData\Local\Temp\Alysum_dump.exe

"C:\Users\Admin\AppData\Local\Temp\Alysum_dump.exe"

Network

N/A

Files

memory/2100-0-0x000001BEC7890000-0x000001BEC7950000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-05-05 21:36

Reported

2024-05-05 21:38

Platform

win10v2004-20240419-en

Max time kernel

122s

Max time network

127s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Alysum_dump.exe"

Signatures

microsoft phishing

Detected potential entity reuse from brand microsoft.

Drops file in Windows directory

Description | Indicator | Process | Target
File opened for modification | C:\Windows\Debug\WIA\wiatrace.log | C:\Windows\system32\mspaint.exe | N/A

Enumerates physical storage devices

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies data under HKEY_USERS

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133594186986384170" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Count | Description | Indicator | Process | Target
9 | N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
39 | N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of AdjustPrivilegeToken

Count | Description | Indicator | Process | Target
22 | Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
22 | Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of FindShellTrayWindow

Count | Description | Indicator | Process | Target
26 | N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
38 | N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of SendNotifyMessage

Count | Description | Indicator | Process | Target
24 | N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A
40 | N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of SetWindowsHookEx

Count | Description | Indicator | Process | Target
4 | N/A | N/A | C:\Windows\system32\mspaint.exe | N/A

Suspicious use of WriteProcessMemory

Count | Description | Indicator | Process | Target
2 | PID 4800 wrote to memory of 4448 | N/A | C:\Users\Admin\AppData\Local\Temp\Alysum_dump.exe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2 | PID 4448 wrote to memory of 1240 | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
40 | PID 4448 wrote to memory of 4680 | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
2 | PID 4448 wrote to memory of 4352 | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
18 | PID 4448 wrote to memory of 4220 | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Alysum_dump.exe

"C:\Users\Admin\AppData\Local\Temp\Alysum_dump.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=Alysum_dump.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff36cd46f8,0x7fff36cd4708,0x7fff36cd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2052 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2860 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3332 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5004 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5604 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://go.microsoft.com/fwlink/?prd=11324&pver=4.5&sbp=AppLaunch2&plcid=0x409&o1=SHIM_NOVERSION_FOUND&version=(null)&processName=Alysum_dump.exe&platform=0009&osver=6&isServer=0&shimver=4.0.30319.0

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff36cd46f8,0x7fff36cd4708,0x7fff36cd4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2032,5620875757822352061,6848254727451147487,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5816 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7fff34a8cc40,0x7fff34a8cc4c,0x7fff34a8cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=1920 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2196,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2432 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=2512 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3172,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3192 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3384,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3400 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4624,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4588 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3176,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3732 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3752,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4772 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4796,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4996 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4880,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4884 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4696,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4780 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4412,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4996 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5304,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5344 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4400,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5420 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5272,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5548 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5016,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5672 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6100,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=6152,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6208 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=6080,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6148 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4564,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6108 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=6344,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6784 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=6768,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6964 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=7056,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=7064,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6780 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=6216,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7088 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5796,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5444 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5456,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5468 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5436,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5408 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5476,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4616 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=5540,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5380 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --field-trial-handle=7480,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7452 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --field-trial-handle=7380,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6496 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --field-trial-handle=7420,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5404 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --field-trial-handle=7080,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7336 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --field-trial-handle=6936,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7040 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --field-trial-handle=7532,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --field-trial-handle=7176,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6732 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --field-trial-handle=6756,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=3748 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --field-trial-handle=7060,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7096 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --field-trial-handle=8004,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6592 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --field-trial-handle=4852,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4868 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=6640,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=7912 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8292,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8304 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --field-trial-handle=6228,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8472 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --field-trial-handle=6180,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8460 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --field-trial-handle=7624,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8276 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --field-trial-handle=7640,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6788 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --field-trial-handle=8268,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8888 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --field-trial-handle=6616,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8248 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --field-trial-handle=7376,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4616 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --field-trial-handle=6940,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=9068 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --disable-databases --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --field-trial-handle=7684,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8228 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7048,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5020 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7364,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=4816 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=7740,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=6652 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8008,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5512 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=8048,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=9128 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=60 --field-trial-handle=8016,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=5512 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --enable-chrome-cart --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --field-trial-handle=6712,i,4615512168031035337,13431215783809317618,262144 --variations-seed-version=20240418-180204.077000 --mojo-platform-channel-handle=8080 /prefetch:2

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\HideUninstall.emf"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

Network

Country Destination Domain Proto
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 136.32.126.40.in-addr.arpa udp
CZ 23.212.110.202:443 www.bing.com tcp
US 8.8.8.8:53 202.110.212.23.in-addr.arpa udp
US 8.8.8.8:53 learn.microsoft.com udp
CZ 2.23.10.19:443 learn.microsoft.com tcp
US 8.8.8.8:53 wcpstatic.microsoft.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 8.8.8.8:53 mscom.demdex.net udp
IE 52.19.147.254:443 mscom.demdex.net tcp
US 8.8.8.8:53 159.113.53.23.in-addr.arpa udp
US 8.8.8.8:53 19.10.23.2.in-addr.arpa udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 target.microsoft.com udp
US 8.8.8.8:53 microsoftmscompoc.tt.omtrdc.net udp
US 8.8.8.8:53 254.147.19.52.in-addr.arpa udp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 20.189.173.16:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 16.173.189.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 20.189.173.16:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 26.165.165.52.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 57.15.31.184.in-addr.arpa udp
US 8.8.8.8:53 198.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 203.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 88.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
US 8.8.8.8:53 10.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com udp
US 8.8.8.8:53 4.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
GB 216.58.201.110:443 apis.google.com udp
US 8.8.8.8:53 3.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com udp
GB 172.217.16.238:443 clients2.google.com tcp
US 8.8.8.8:53 238.16.217.172.in-addr.arpa udp
GB 172.217.16.238:443 clients2.google.com tcp
US 8.8.8.8:53 clients2.googleusercontent.com udp
GB 216.58.201.97:443 clients2.googleusercontent.com tcp
US 8.8.8.8:53 97.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 200.197.79.204.in-addr.arpa udp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 142.250.178.4:443 www.google.com tcp
GB 216.58.201.110:443 apis.google.com tcp
GB 172.217.16.238:443 clients2.google.com tcp
GB 216.58.201.97:443 clients2.googleusercontent.com tcp
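The table above is dominated by resolver traffic to 8.8.8.8:53 and by flows to Microsoft and Google infrastructure, and the in-addr.arpa rows are reverse lookups of IPs that appear elsewhere in the table as destinations. The script below is an added example, not part of the sandbox report or its tooling: it parses a subset of the rows above (embedded here as constructed input) and separates PTR lookups, forward DNS queries and the link-local mDNS row from the actual TCP/UDP connections, then reports which PTR lookups correspond to a logged flow and which domains were resolved but never connected to. The classification rules are this example's own assumptions about how such a table should be read.

```python
"""Triage helper for a sandbox 'Network' table (added example, not part of
the report).  Rows are sorted into four kinds so real destinations stand out:

  ptr         reverse (in-addr.arpa) lookup of an IP, usually one just contacted
  dns         forward lookup sent to the resolver (8.8.8.8:53 in this report)
  mdns        link-local multicast DNS (224.0.0.251:5353); never leaves the LAN
  connection  everything else: an actual TCP/UDP flow to a destination
"""
import re
from collections import defaultdict

# Constructed sample input: a subset of the rows from the table above.
NETWORK_ROWS = """\
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
CZ 23.212.110.202:443 www.bing.com tcp
US 8.8.8.8:53 202.110.212.23.in-addr.arpa udp
US 8.8.8.8:53 learn.microsoft.com udp
CZ 2.23.10.19:443 learn.microsoft.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 8.8.8.8:53 mscom.demdex.net udp
N/A 224.0.0.251:5353 udp
GB 142.250.178.4:443 www.google.com udp
GB 142.250.178.4:443 www.google.com tcp
"""

# country, ip:port, optional domain, proto.  The domain column is empty on the
# multicast row, hence the optional group.
ROW_RE = re.compile(r"^(\S+)\s+(\S+?):(\d+)\s+(?:(\S+)\s+)?(tcp|udp)$")
PTR_SUFFIX = ".in-addr.arpa"


def parse_rows(text):
    """Parse the flattened table into dicts; lines that do not match are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW_RE.match(line.strip())
        if not m:
            continue
        country, ip, port, domain, proto = m.groups()
        rows.append({"country": country, "ip": ip, "port": int(port),
                     "domain": (domain or "").lower(), "proto": proto})
    return rows


def ptr_to_ip(name):
    """'202.110.212.23.in-addr.arpa' -> '23.212.110.202' (labels are reversed)."""
    name = name.lower()
    if name.endswith(PTR_SUFFIX):
        name = name[:-len(PTR_SUFFIX)]
    return ".".join(reversed(name.split(".")))


def classify(row):
    if row["port"] == 53 and row["domain"].endswith(PTR_SUFFIX):
        return "ptr"
    if row["port"] == 53:
        return "dns"
    if row["port"] == 5353 and row["ip"] == "224.0.0.251":
        return "mdns"
    return "connection"


def summarize(rows):
    """Group real flows by domain and relate the PTR/DNS rows to them."""
    destinations = defaultdict(set)   # domain -> IPs a flow actually went to
    queried = set()                   # domains forward-resolved
    ptr_ips = []                      # IPs reverse-resolved
    kinds = defaultdict(int)
    for row in rows:
        kind = classify(row)
        kinds[kind] += 1
        if kind == "connection":
            destinations[row["domain"] or row["ip"]].add(row["ip"])
        elif kind == "dns":
            queried.add(row["domain"])
        elif kind == "ptr":
            ptr_ips.append(ptr_to_ip(row["domain"]))
    contacted = {ip for ips in destinations.values() for ip in ips}
    return {
        "kinds": dict(kinds),
        "destinations": {d: sorted(ips) for d, ips in destinations.items()},
        # A PTR for an IP that also has a flow in the table adds no new destination.
        "ptr_matched": sorted(ip for ip in ptr_ips if ip in contacted),
        # A PTR with no matching flow deserves a second look: the flow may sit in
        # an earlier part of the report, or it was never logged.
        "ptr_unmatched": sorted(ip for ip in ptr_ips if ip not in contacted),
        # Resolved but never connected: blocked, cached, or a beacon that never
        # fired.  In a phishing case this is where a lure domain can hide.
        "queried_never_connected": sorted(queried - set(destinations)),
    }


if __name__ == "__main__":
    for key, value in summarize(parse_rows(NETWORK_ROWS)).items():
        print(f"{key}: {value}")
```

Run it as-is to see the breakdown of the sample subset; to triage the whole table, paste all rows into NETWORK_ROWS. The country column is kept in each parsed row but is deliberately not used for classification, since the GeoIP of a CDN edge (CZ for www.bing.com here) says nothing about who operates the destination.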

Files

memory/4800-0-0x00000201459E0000-0x0000020145AA0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 850f27f857369bf7fe83c613d2ec35cb
SHA1 7677a061c6fd2a030b44841bfb32da0abc1dbefb
SHA256 a7db700e067222e55e323a9ffc71a92f59829e81021e2607cec0d2ec6faf602a
SHA512 7b1efa002b7a1a23973bff0618fb4a82cd0c5193df55cd960c7516caa63509587fd8b36f3aea6db01ece368065865af6472365b820fadce720b64b561ab5f401

\??\pipe\LOCAL\crashpad_4448_WCXMWNPRYBIVSPCG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 62c02dda2bf22d702a9b3a1c547c5f6a
SHA1 8f42966df96bd2e8c1f6b31b37c9a19beb6394d6
SHA256 cb8a0964605551ed5a0668c08ab888044bbd845c9225ffee5a28e0b847ede62b
SHA512 a7ce2c0946382188e1d8480cfb096b29bd0dcb260ccdc74167cc351160a1884d04d57a2517eb700b3eef30eaf4a01bfbf31858365b1e624d4b0960ffd0032fa9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9d5777d3d97882be105d89c11e3c051e
SHA1 5ae4715c48532ed36fe8418c54bc72e1bb70fd2b
SHA256 556e16c22c6fc3fb0d7781385484d36d4397fa70c1aacfc802f0d02f7492c1ed
SHA512 846f497c468a174a7ea9d9e008b72f61fdae8cd8974d602093865e5439d679dffa8e60c116f0f1117fbd0679db9b9ae49bc44b5434db266fba120aa3e27e2129

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 153c5ee84bb30ab20b66c506ba664362
SHA1 5d613ae85608bde23873178c83e86bff3d51ccc8
SHA256 ea0955ddb49a64f8d171cbf6d2e355ad3b60d8505d1f8836510f6e2d059431ae
SHA512 41cbb985769e5a183739890f38f94dc21d6bd54fdedfc728f16b0e751fded55df62ada9840102cb20cd9dc0e75b67f75924f55c73ab3b72d85b0b5a104ed2d9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 f8c985272ce7a90c8eaf3533639a5518
SHA1 771ab6409f17246eab615560b2f836bf4b3e3379
SHA256 aa5c09e18c4b52cc1c22349aa6f17a3b6fc6aa7de06b299ca0e03b0bf1b78b9e
SHA512 d03a9a217c04ddf139e5b25f83438e0c081ca992d22b1b5f902d29390005472e4bb8aa66ddba0da1445689fa35856c26f8ab144d8514c4f56fd0cfde1a931106

memory/4800-81-0x00000201459E0000-0x0000020145AA0000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 567134bc90cb4978e789dfbcb916ebe9
SHA1 a853b2ee9a5b4bb6cca78f8169442d94ed8f84b5
SHA256 2abd34be32eae77cf2f8677625f42881e7ddb8896ab4578d664561c5fff77e3a
SHA512 8e1497602f1d28eb662c731ce517050bbc4b28f170d5823f2860f330b7dbb6efd3e12d03e6e356d9947cfa1ab32fbe729944d2b1814bda12f9a917c4e7f365df

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 ec25c1999297bd09b27563557605a07e
SHA1 490462a21a87fbd24c4f667457fdd0df60582372
SHA256 baee826393a3eb922b978393e9ad6fd34a016d44e7c961cdd8dc8932687fd831
SHA512 bef6bb1bfbe0ab44c43d1dea485f88a02d7159dd6cc6de7a58cb25d1ecbc599e6a513b07fe60ed9d7c66daf17c091f34b877dd58712a5d27650a016c35ce50bc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity~RFe57b9da.TMP

MD5 423679692831e0cb28a3cdba0e07e21a
SHA1 f9b54ab9e296cf69d6c88d8eca1da1111053f416
SHA256 c23d86d76dbdba8362148d0d5016df63fe24063e61b51f97705861d89db0dfe9
SHA512 e0c90e982b3b25f9281e218942b1c075b111677904edc64e160c245b5b51f91743425cea1ca74f184b07c89e739f209d1276f1ad2f056180855472ba6505326b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7ffe537bc94a2c0d1f03eda882e2d980
SHA1 0697c0bedab62b84e0e89f6fefd8664e859808f7
SHA256 d015c0b7d26d1501595501e5322b70d4ace7c4130e50e60466a11005b2484ede
SHA512 d39345e20bf56bb158373fd8cc3f675fb858546303778d3a27260101accfd9cc2587681ca681e53861b541a6a0f1571595ca23c1a3e40794f8d3999f69590b78

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 9cc1b2562a054016aed98bc0bdd4eb09
SHA1 a763f107184686814eb14c36996c3e41d5dbced6
SHA256 3771f501d38494efe6abb34b4e5dba80c24e26b8c52c293bd069e2c3b1a236ac
SHA512 0b654243844f1a114cb631bb69160d16ef5250fd492d9a5ffaaca44a9651fab1f4517a65b73de9ce5d8087e611fc9e58872779e993d7cb21c1414a6f892adfea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 16845fc4c1baa207236e740149e667a0
SHA1 6679b551902c3c7f10697e2dd8a4e994d9c832d7
SHA256 bd56d544cec46556e1b43070ff19b8a896a85b1b60a46c1b6a1a00389215fd3a
SHA512 8a51caee214309e6203bde827b55db261e25587aa5489e7de7ac8f1799bd6173507726c3b0945a1487cae0ce2d7efccfe9f6ba760fdb51de86aefdb5c04da28b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 05592d6b429a6209d372dba7629ce97c
SHA1 b4d45e956e3ec9651d4e1e045b887c7ccbdde326
SHA256 3aacb982b8861c38a392829ee3156d05dfdd46b0ecb46154f0ea9374557bc0fd
SHA512 caa85bdccabea9250e8a5291f987b8d54362a7b3eec861c56f79cebb06277aa35d411e657ec632079f46affd4d6730e82115e7b317fbda55dacc16378528abaa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Sync Data\LevelDB\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Code Cache\js\index

MD5 54cb446f628b2ea4a5bce5769910512e
SHA1 c27ca848427fe87f5cf4d0e0e3cd57151b0d820d
SHA256 fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d
SHA512 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Site Characteristics Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico

MD5 c857bae5a9eab59c2f5080b798de919a
SHA1 c2db3057371e0fdef3ccc33b511b76ac41bd72ee
SHA256 78a819cebbd01fe4fdd106df46172a0b254f6ed912bfa12ee8959f744feaaa88
SHA512 d6db75919dec2fe780822906ea4c838b7f2f0407dee66165b6a93e7a0338b0864056aa6a9421a06462eaf330149fade42fbf77ca714ce9b4a5318941a7724413

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\GPUCache\data_1

MD5 d0d388f3865d0523e451d6ba0be34cc4
SHA1 8571c6a52aacc2747c048e3419e5657b74612995
SHA256 902f30c1fb0597d0734bc34b979ec5d131f8f39a4b71b338083821216ec8d61b
SHA512 376011d00de659eb6082a74e862cfac97a9bb508e0b740761505142e2d24ec1c30aa61efbc1c0dd08ff0f34734444de7f77dd90a6ca42b48a4c7fad5f0bddd17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\f3888c86-0160-41a8-97ac-c7eb207f3aaa.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21
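Not every entry in this Files list is an artifact worth hunting for. The named pipe entry above carries the digests of zero bytes (the sandbox hashed a pipe it could not read), the SCT Auditing Pending Reports entry hashes to the two-byte string "[]", and the .tmp entry directly above hashes to a single ".". The script below is an added example, not part of the sandbox report or its tooling: it parses a few entries copied from this list (embedded as constructed input, including a hash-less entry like the one that ends this list), recomputes the digests of those trivial contents with hashlib instead of hard-coding them, and labels each entry accordingly. The set of trivial contents is this example's own assumption; extend it with whatever is noise in your corpus.

```python
"""Flag 'dropped files' whose hashes are those of trivial content (added
example, not part of the sandbox report).

An entry is only an indicator if it has content.  The sandbox hashes whatever
it could read, so a named pipe comes out as the digest of zero bytes, and
browser bookkeeping files often contain just "[]" or ".".  The digests are
computed here rather than pasted in, and every algorithm the report provides
must agree before an entry is labelled.
"""
import hashlib
import re

# Known trivial contents (assumed list; extend as needed).
TRIVIAL_CONTENTS = {
    "empty": b"",
    "empty JSON array": b"[]",
    "single dot": b".",
}

# Constructed sample input: entries copied from the Files list above, in the
# report's own layout, plus one hash-less entry as found at the end of the list.
FILES_TEXT = r"""
\??\pipe\LOCAL\crashpad_4448_WCXMWNPRYBIVSPCG

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\f3888c86-0160-41a8-97ac-c7eb207f3aaa.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 9d5777d3d97882be105d89c11e3c051e
SHA1 5ae4715c48532ed36fe8418c54bc72e1bb70fd2b
SHA256 556e16c22c6fc3fb0d7781385484d36d4397fa70c1aacfc802f0d02f7492c1ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
"""

HASH_RE = re.compile(r"^(MD5|SHA1|SHA256|SHA512)\s+([0-9a-fA-F]+)$")


def parse_files(text):
    """A non-hash line starts a new entry (its path); hash lines attach to it."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = HASH_RE.match(line)
        if m and entries:
            entries[-1]["hashes"][m.group(1).lower()] = m.group(2).lower()
        else:
            entries.append({"path": line, "hashes": {}})
    return entries


def digests(data):
    return {"md5": hashlib.md5(data).hexdigest(),
            "sha1": hashlib.sha1(data).hexdigest(),
            "sha256": hashlib.sha256(data).hexdigest()}


TRIVIAL_DIGESTS = {label: digests(data) for label, data in TRIVIAL_CONTENTS.items()}


def classify_entry(entry):
    """Label of the trivial content the entry matches, 'no-hashes' when the
    report gives none (a truncated entry), or None for real content."""
    hashes = entry["hashes"]
    if not hashes:
        return "no-hashes"
    for label, known in TRIVIAL_DIGESTS.items():
        shared = [alg for alg in known if alg in hashes]
        # All algorithms present must agree so a single-algorithm match cannot
        # misfile a real artifact.
        if shared and all(hashes[alg] == known[alg] for alg in shared):
            return label
    return None


def triage(text):
    return {e["path"]: classify_entry(e) for e in parse_files(text)}


if __name__ == "__main__":
    for path, label in triage(FILES_TEXT).items():
        print(f"{label or 'content':<18} {path}")
```

Entries labelled None are the ones whose hashes are worth pivoting on; the others can be dropped from an IOC set without losing anything. The same parser accepts the SHA512 lines the report also prints; they are simply not checked here because the trivial set is keyed on MD5, SHA1 and SHA256.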

C:\Users\Admin\Desktop\Work - Chrome.lnk

MD5 ddcf3ef0ceec8c005fc227ec98f2b6cd
SHA1 77b27ed0081a9d3129889e6640ce67fa8b53cd0a
SHA256 f3a97d0feb63519b0b63a11692718c278640c2a2e18baee9375e40d1c4b49570
SHA512 5e6b3b187408508d4ad4ce9d586330723494f6edf88bc78bc95d1bd7a47140cf481d9e7b097176b6204635345190224f12bdd0b307c360d14e2e300cd79f8b44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

MD5 7f1cefadf474944fb565436d42e0beb1
SHA1 64bbe7e2dafac91540ab15fdc5306f0307472993
SHA256 bd6ce38d71583c80d3f590744355433b5bc025fd7c11466950d75a185fde9107
SHA512 22ad0e7c13838d684583c02acaad92b68c2814f9c407a2fc5feb5bb2c913ef54c328a4c97babc0cb8cd2b4ebf5870970a69a52e0234fe2c17d9fb70132741db9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\64.png

MD5 9ca95e4d4941acee74cd1bef23eaba35
SHA1 1717e5136bf97a89b5dca5178f4d4d320b21fb48
SHA256 80c1e2f4d89d5266f82dc0295f232eda894812820c5c625a036adf980536e5a8
SHA512 9fb11e36e626b0d9eb43548ba0e90cda27e70d027361c52437f01287e94f07d07da01a385ee2466963e305516f56e37020644ce03d1132322d7e796440c633b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\48.png

MD5 f484337ddad3b425b5788e5ce7082bc8
SHA1 79c7e4c0202a06ef3a287cc76ea498fcf26009c2
SHA256 fa58e3209e408e4f0d60a7ed330d6f62884ccf9b593e37cde03e7916c116dd1f
SHA512 518a8e3d53fe86dc714a59cc70f8f0c44396d7569d25837c1cfe6212a10204080e0c4d19c43729f1815093af9f075693decbb9496700a2f00bd57dd3ed0b0a3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fmgjjmmmlfnkbppncabfkddbjimcfncm\Icons\32.png

MD5 cfd1c4fa219ea739c219d4fb8c9ccf8d
SHA1 1bd9c4a0c08a594966efe48802af8cdd46aa724c
SHA256 36670568a87c7b3cd1a4448ffe5bde9b6fd3d65b58e6dca38cc4ea2e9e8c11b3
SHA512 59918179057447aa18668abbdaacd11ee3f5e83c25a93f916a050a559ea1457d6ab61abd3db9def22b5214a1767911e9cf9fa8e638852032cca3696424c6a903

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\mpnpojknpmmopombnjdcgaaiekajbnjb\Icons\64.png

MD5 6078ddcccd0966b6c8506d28eed2026f
SHA1 86b7c92bcfb0e02d9a72bebaa6731891fa90e29f
SHA256 d982bca9f433bfdf7f7d8f759576273ee8a131e676a784a6d6231b068e21de25
SHA512 850dd615ea2422f00001b37603f25756e6304e190669aca90aaab08d2ca97d163402b3fe7a4747e76040fc9dd944861b5639c31d1b40528ca806f5f920fa3d4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\mpnpojknpmmopombnjdcgaaiekajbnjb\Icons\48.png

MD5 b7593fa2971ae16ea2aaefefab67658d
SHA1 df5455a066a4aa91aba3d2ad0df25e3634d04a49
SHA256 1407047a49f6220843e0b5eeb147273ac894fffb489ff02b7e920096f1cf23db
SHA512 0036d5d5b708feb7fa9dc96a705e0ef98c8dab39ee182e760515ae008e100200ee4645afa75359290f09dd1fc7f16c7830e39faaa5e302a8dd6a647adcd431c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\mpnpojknpmmopombnjdcgaaiekajbnjb\Icons\32.png

MD5 1958a9b92332cc7b500636c414649c72
SHA1 3433cd43afc96397650ecaa2f3d4c82d985aa86b
SHA256 282c4fd7aec92fbe494f71a136c9c9111a453ff07f701ba21cf2f14b24f9ff15
SHA512 9a6791a1ffcd7b2442ffa33a132b95bc66dcfa5b2814bf5b84d8385e69b7243bed9b6e4a1677c3b88cc9de421067468ef186584c43a90b7aba78e2e19a1fd81b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\64.png

MD5 65e00211feede352e87ff869cd3d1b1e
SHA1 2ede8e165651f24a165f31bd2b4591d124d5fdde
SHA256 dc78a4be5b92c40c32dbbd4bcc3c65057105db062c088fadcf835a5e161095a1
SHA512 1fec808d0591868de3e27863e095ded619cfb825239eb05aab61f9ddb09bca28534e5a1a6f0d39a47affb7a3371d07cca9701b8dabcd297ff2fd116c9123fe61

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\48.png

MD5 9e1a6c45e7a5b26e6dfcb060fe4ec411
SHA1 8895839baaf4a6ce1189fd8c5572c3c8298ddcc0
SHA256 102aeb88e02ce1cd5c91ce4ab3c5880be33b6a440ee7f24c9e38741e79b46273
SHA512 323180dbdb0ebed3f398d5e7233f681ec85bd0815ef463d8351e17e99ee6f9f47badc9bdd9ab197249fe85e2c0d2457760f7bb7550c9c55110f333d13bfbe8fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\aghbiahbpaijignceidepookljebhfak\Icons\32.png

MD5 40c4ea664da063cccf37a00d0dea5f88
SHA1 f524c4c8544d5e8b7d5a29ba74fbe865c0fa303b
SHA256 91289705a496311822aa52d067f2a029025293f1c22779f3a8bc483e211ce1d8
SHA512 bbe182958560fa196423bc1b50575b078e4a3b2b170427074442a42a3f21ae7d91d3115e75f38335c778070142d2d1bc929bfa22bf0fb2ae644c0478f6d58d51

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\64.png

MD5 fa9b6bd6c167dc772018d4105b7f3afd
SHA1 5a8b1a8bec14f864d559667c79683735508a8036
SHA256 2a8f1a1cfac4fbe96a6cb69e9e621201875cc45b2e60bc75b08ea193c759e346
SHA512 db8b36ed049e357346a6c249dacf54a78bf7395ab8a3c8f8d2aa8d575193f59959cddfc7e1ec18b32a029aa1cfd42ffe30149d74de56d88baa0583a6c00d9a9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\48.png

MD5 06c47df56a44e6ec6ed68a0c1b13fcf1
SHA1 d081069ab4c69925e2c5a8e7bb9a683f620dadb2
SHA256 6e21221baad8ccd2b71542f9d3194dc5868c0f424fea640cd4915fbdb32f4804
SHA512 e23731119c43850604eaa83c7fc17cff43681890ba3e144cc0b97cc8b33dc3f90a5370c7ae599c5469e33fcffed6492308451a0f3699bca51df665a70329a569

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\fhihpiojkbmbpdjeoajapmgkhlnakfjf\Icons\32.png

MD5 ca6289a7d8f9ecc17f8de717faf1af27
SHA1 4ccf3c6a9291f0a8a3090c22aca6f1872c860073
SHA256 3d7283090cf1a87baae4032266e4d144f7ec2ea465e7b2bf02728aa394c678f0
SHA512 100fb108d3eb74eea016af82a5a6758f22173b3d9a60c5237e9a570aa14549397b224d9d4234661855ffec47930a33536d05c0eb56ac61c551184fa89b18697c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\kefjledonklijopmnomlcbpllchaibag\Icons\64.png

MD5 ffd2836b1dfc3a7f5c24dcc4845f3b3a
SHA1 16b4d188780f05e0845014fb45ad6ebaa6b4d2b8
SHA256 f5eb403a4afbb48114e67cb9eb55ae136b86a2c8644167d53006848c8efba562
SHA512 810acdc6d1462416572b79b6e16cca23988a4bccb886db303b1dc1487d4a1abf36f94dbcf7fea7a22ae9892a3f9ebf98516ff2dfbbe424d82c735382f34adbde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\kefjledonklijopmnomlcbpllchaibag\Icons\48.png

MD5 67e185e7131868c3af81ee10251a3205
SHA1 3f52bcd8f6dd96a2613d4e0023a6ca87f54d2bde
SHA256 fe6cef43018dd0cf284366ab4c5bc75039274374a3654b58197bfe5ebb3dcc46
SHA512 d155a9e9ad4c0e85c97bc3ec8432213b3637cece3dafa8338662055c0c593e3ce10405b5adccfc92ee6da96d01f7cbf29623bff6204653f7960a84bc782aecb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Web Applications\Manifest Resources\kefjledonklijopmnomlcbpllchaibag\Icons\32.png

MD5 e21251a768b30062a5cd8e0b01e512bc
SHA1 3fc0c1af7c6783f743021a145016023ee73a69bf
SHA256 280a7fc31d9ba2169f4d0801c7c52bb970061c17c7b4a7959a07e8313c055df0
SHA512 f6104bcce1f2613b5f6baacd354fa6dfe448273b79e5579c7c93ab703e953e49711459bd6ef3d10ee449d9d69c4bf6bca62ac9d6e864670f4503a618425f389a

C:\Users\Admin\AppData\Local\Temp\e751d172-24c7-43c5-b0b8-8a2b8e8bbe9f.tmp

MD5 e0bf4de8cdda0b744131562838ba81d2
SHA1 44990a237dce7eb1543b4e2c572fd098af3be4f1
SHA256 506e1674928b76193ce69e72bae0e0eec9484337eee6e241267678c49a5623c4
SHA512 8d976b8f1aef23eb8d3bddda99d2ba8a3c4f686be0a767a373a1ba071bfea701cf3247b0202df79130293e73ac85c30ff1d94b41f04c319588f97b8079e1ca5f

C:\Users\Admin\AppData\Local\Temp\scoped_dir4672_152213363\CRX_INSTALL\_locales\en_CA\messages.json

MD5 558659936250e03cc14b60ebf648aa09
SHA1 32f1ce0361bbfdff11e2ffd53d3ae88a8b81a825
SHA256 2445cad863be47bb1c15b57a4960b7b0d01864e63cdfde6395f3b2689dc1444b
SHA512 1632f5a3cd71887774bf3cb8a4d8b787ea6278271657b0f1d113dbe1a7fd42c4daa717cc449f157ce8972037572b882dc946a7dc2c0e549d71982dcdee89f727

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.76.2_0\dasherSettingSchema.json

MD5 4ec1df2da46182103d2ffc3b92d20ca5
SHA1 fb9d1ba3710cf31a87165317c6edc110e98994ce
SHA256 6c69ce0fe6fab14f1990a320d704fee362c175c00eb6c9224aa6f41108918ca6
SHA512 939d81e6a82b10ff73a35c931052d8d53d42d915e526665079eeb4820df4d70f1c6aebab70b59519a0014a48514833fefd687d5a3ed1b06482223a168292105d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.76.2_0\_locales\en_CA\messages.json

MD5 07ffbe5f24ca348723ff8c6c488abfb8
SHA1 6dc2851e39b2ee38f88cf5c35a90171dbea5b690
SHA256 6895648577286002f1dc9c3366f558484eb7020d52bbf64a296406e61d09599c
SHA512 7ed2c8db851a84f614d5daf1d5fe633bd70301fd7ff8a6723430f05f642ceb3b1ad0a40de65b224661c782ffcec69d996ebe3e5bb6b2f478181e9a07d8cd41f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 591bdf22672cca5c0c6dcad44f0347c6
SHA1 20d41d4c104f98ee88a67b71a9b03c3ef4e95cd5
SHA256 c9c29daa4cfdb824d8afe18e8b29a2cdfbb9f415e7fc09074a1ef208f0890e89
SHA512 9951d05f037878d0bf8299b145e871ed8d7b0aa3bbe72b3bafcf56891e89d57269521c3610e9cc6addd84a2b8f18174c09d3d270de7d39c5246267b8b9210965

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e7059167e4b0bae9e4e9ac7a5c7d9085
SHA1 bd8fb466ae1d4872c7219c9268f53427cbc24127
SHA256 f30f249c1430785a30f4e8218e1b7f35c323f0227ff07dad2ae12984c42700c1
SHA512 980ad8fdea40d3d70d66bd163f62185aa2904b665e64cdc1650ee604e46e7d1f27ee3658a636bb40829143c5d8e5ab81e3b782b41645af2502a551f26e847d5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0d839b498fc3dd87b20b9cdab684920e
SHA1 8c647d47e238db82375927d5ce7f055c18e9aef1
SHA256 7ece06f3d8d4fc3e4fe3dad297390e55fffd16bcc98938ccc0015e500dd329c2
SHA512 3e0875add64cfb54c72817ef65b35d2b6d750e1cd800a364735e100908ca529a37c7af92c0e45b0072f7f76f654de25e83e3f022fcb53a6a213596d925042ba9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 8c6a48babf354fa59836a413ceace304
SHA1 c71414c8475fd8e72bebf47654e328cd0f5e2883
SHA256 b7f6c0b31a44a40ed8ef1907ffa8f5e0ef82859381c16a725820d05155f96718
SHA512 ffd0b959501bc93e174371deec8b55621836b07a8c6d132db6a71d0b6f94478c7a618c161cfbb99562750075ed51661f058d90a51f9df6fcadf7d752b0755ce3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Google Profile.ico

MD5 85e84abd3e463653c93375c0692ec454
SHA1 e81883193ce7a24604c8d19ecf2cc655a49cc8a5
SHA256 83d08d40c611755612b858c878e89b3a94ea9b029f7dd26b39b6b1ea104c1940
SHA512 e56284439a2be6575b65a4f488feca22cc2f0a60eeb035dbda01c216b6cb1036509c1f37635c266dce31c33c0ee32df8085aff1bec06ee8f7159347bf7d175d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\DawnCache\data_3

MD5 41876349cb12d6db992f1309f22df3f0
SHA1 5cf26b3420fc0302cd0a71e8d029739b8765be27
SHA256 e09f42c398d688dce168570291f1f92d079987deda3099a34adb9e8c0522b30c
SHA512 e9a4fc1f7cb6ae2901f8e02354a92c4aaa7a53c640dcf692db42a27a5acc2a3bfb25a0de0eb08ab53983132016e7d43132ea4292e439bb636aafd53fb6ef907e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\DawnCache\data_2

MD5 0962291d6d367570bee5454721c17e11
SHA1 59d10a893ef321a706a9255176761366115bedcb
SHA256 ec1702806f4cc7c42a82fc2b38e89835fde7c64bb32060e0823c9077ca92efb7
SHA512 f555e961b69e09628eaf9c61f465871e6984cd4d31014f954bb747351dad9cea6d17c1db4bca2c1eb7f187cb5f3c0518748c339c8b43bbd1dbd94aeaa16f58ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\DawnCache\data_0

MD5 cf89d16bb9107c631daabf0c0ee58efb
SHA1 3ae5d3a7cf1f94a56e42f9a58d90a0b9616ae74b
SHA256 d6a5fe39cd672781b256e0e3102f7022635f1d4bb7cfcc90a80fffe4d0f3877e
SHA512 8cb5b059c8105eb91e74a7d5952437aaa1ada89763c5843e7b0f1b93d9ebe15ed40f287c652229291fac02d712cf7ff5ececef276ba0d7ddc35558a3ec3f77b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_110531163\Icons\128.png

MD5 c592b8809b071c071577fff963bd1ad5
SHA1 f628a6edd48da4aebdfdc05ee3ce852b27706cee
SHA256 8a9434f0ede8c6edf65f8d5750852be574847a62a4534e1b6b372078463b6d04
SHA512 418f074fe6b91e4393bc670a75d26db28ddfa370e3b33c17db2a402dd008175be910c3fe9714051d55c13fb28d3901fc6e7e81f73587144d053d8b25bf9c8c90

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_110531163\Icons\96.png

MD5 00d0e0d7efe7f77992aa7a8a22c5ed88
SHA1 14c486c80d3dc19c8957b91667954668d5372da0
SHA256 f6b60fd8e480d7f9299cb636c9fa178248776573f80a2d0578eb59b0b00f399c
SHA512 80a056cf81d3bfc257f98f4b625d2fab7d613c4d441182bd86016412ad33bacb9e9f8d23d7475f9f8283c01437ac960164b4c36e2abeceb31a214b7d97b614ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_110531163\Icons\256.png

MD5 3de31cf191b30dc4e1badb0a1f90f557
SHA1 7eed9c2e5e3f00ed61dda1bafcef44dd98ba288f
SHA256 f4727cb21b530f3cb5b64921782fda264f79abb914e3575167b451c9de1a2db4
SHA512 c108af0e3fd76e820caf723bc6eafb23825fa8ea6411632774e7aa1cdc1e9335de7adec7f7be383397e516cef232823201523ebe03fcd2a094eaee4ee572b891

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_110531163\Icons\192.png

MD5 a3d345a7f47f8b77f04242bf889579c8
SHA1 7cfd4f5d719c850bd2961e4bd861059973c58b53
SHA256 085ae339d9b0722f67b690365c62b6757cafd5b36f101a2ec8439e94669ada90
SHA512 264e46adda0a7db621e1bfb5a5774f2c4d32cc202df28e87679d598ff5bc7e86a0dca5f7bc1f571f6820189acb4548b19560e52281729379a859a71c4815f896

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_21805856\Icons\96.png

MD5 a8634c3b8cb35c440e8602b83232b95d
SHA1 980c9e29c7a8e1ffde703dbf48e37d26fd6a47ad
SHA256 1f1ad168d3a6a9ae77ed46f35d562c8cb83a2e5b79c408b6e942bc8312062b63
SHA512 202538755cf3a93dde4457d11cb0d3ac52164f875a9853307bc3b61fe84f5e18aa539550e37d48cc148cc3accf85d386db5e7394e46c89261bbff12ff73fd358

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_21805856\Icons\256.png

MD5 be3fffb96bd80cf7f24a6d9726789c98
SHA1 57bb7b79f050d505d83f0fa25c7851b402b09f9d
SHA256 40519b5d61f4b468dd7c3fb49845c11ae714ac47b25c3e334955c141a8804d2a
SHA512 375591134b055c85e340e6094464f445ac3a033f44fb1b25188980f9582b0d2190899766aaec6b6982a879a2e805168e246dc6107edd5747526832d648010411

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_21805856\Icons\192.png

MD5 c6b95c298f1444efcf5987a2dee77d7b
SHA1 bc29ff4d36de50b3d5ec2f2221d13c3b47f5cf9a
SHA256 6d933c584717c68035ed8117711975e40334850c11f019570462ca7781da070c
SHA512 4c96224c58393618f3bdf13cc10c49dee0e4c93d061d50164a931782c0d4adff8a7c5f018da032638dac63937a46e028c6ef6a4e2a140d3c0b3a21895e9f56c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_21805856\Icons\128.png

MD5 928ca6910bd5042fada98deb1cc97bbe
SHA1 9bbaed82654ec6c206c9fa94c955e79003305a48
SHA256 d2cea6bfe486280d243598d6e1f3c53ed48e445f36bf63c6df8b688622065e9e
SHA512 a7d3cea72f0d53c4c0f6190df091df485749462c912483d2997233a25ab2776f1f9fe08dd5c559d1134d89b5666d0bf0d9e9885500721fbbcd103665ed8c98db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_748603294\Icons\256.png

MD5 60437d9e383754b708a322a742b3bd57
SHA1 d329fd38dc7652afaff8a6231a1001e680f6c62c
SHA256 4e09d944b6b30ec9be9d0cbbac1127c1879d49a0781753ae40de30195a178282
SHA512 63e4d39d0993c4587745373ed21c4a336d01a70f3fcd8b1dcc42cdeeb28e611cb38f7fde01bd86f198d0b6933f7ed7e8f706b43228b8d40b9df5fd24dfcc3796

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_748603294\Icons\192.png

MD5 e0d1f994774f55a81a52a13a0a2f3ff2
SHA1 7b7e7d175755cb7ac6dfc4e8c346edd2df5f1412
SHA256 a1911a1fd8d9d59b4a4732e15575733b3554d4d5204dd25898bee1f2d2bf3055
SHA512 15219f563936edaf16e4796ff91b41b1bd66dfe0d3acb03b926cda9dca7ad750a3590fe546805b40bebf8ba58b7c96f72078d458105e0c865efe6cd5b0b05bb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Profile 2\Web Applications\Temp\scoped_dir4672_748603294\Icons\128.png

MD5 8eec20e27dd654525e8f611ffcab2802