Malware Analysis Report

2024-09-23 15:36

Sample ID 240510-snsynafd65
Target QRcode.png
SHA256 2ec0182c0cafb89a21d8223d2778087261b52999399136ed2f3f17a9a7b102a1
Tags qr link
Score 8/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

SHA256

2ec0182c0cafb89a21d8223d2778087261b52999399136ed2f3f17a9a7b102a1

Threat Level: Likely malicious

The file QRcode.png was found to be: Likely malicious.

Malicious Activity Summary

qr link

Downloads MZ/PE file

Executes dropped EXE

Legitimate hosting services abused for malware hosting/C2

One or more HTTP URLs in qr code identified

Enumerates physical storage devices

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Enumerates system info in registry

NTFS ADS

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Suspicious use of SendNotifyMessage

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-05-10 15:16

Signatures

One or more HTTP URLs in qr code identified

qr link

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-10 15:16

Reported

2024-05-10 16:02

Platform

win11-20240508-en

Max time kernel

2699s

Max time network

2660s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\QRcode.png

Signatures

Downloads MZ/PE file

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Melting.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133598278654379580" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Melting.exe:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4060 wrote to memory of 3820 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4060 wrote to memory of 916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4060 wrote to memory of 1188 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4060 wrote to memory of 1676 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\QRcode.png

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x10c,0x110,0x114,0xe8,0x118,0x7ffb843aab58,0x7ffb843aab68,0x7ffb843aab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2160 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3088 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4108 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4360 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4528 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4768 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4784 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4892 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4564 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3980 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2724 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=3460 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5020 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3456 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1680 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4164 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4356 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5068 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:8

C:\Users\Admin\Downloads\Melting.exe

"C:\Users\Admin\Downloads\Melting.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5492 --field-trial-handle=1812,i,2302519483565704598,10060243509213240616,131072 /prefetch:2

Network


Files

\??\pipe\crashpad_4060_JOUPNNJLNWPYGDFF

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 47afc064093aca5b76b68bea3cb44b81
SHA1 a8794c8cbbaf7ff28391acd0e169273d62c2d39d
SHA256 6ad8877a4750eb871c89ddf78f57cb69ed96f88992625351a1325b91100d10c2
SHA512 da2e37cc551a37831d43b47e5c2262ff32901fd68e0b1198251a7190b886fe9ce1e1238e0bf053ed714fd694f6634fdad6352a916fcf40353eae93f50043c2cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1863b6477c09a54cdc4476845a1df7f9
SHA1 3ddac65c73a6db76defe7c219df024f2fd1e050e
SHA256 43351996bfdfda0cc8feb4bd87e069598c18e8509a12197d0deb3daf21d3b5f9
SHA512 1126650037317bd5d0f66153e6eece7bd87bba07afa658260d7653a79582efe6fc24a07ac88b9a6bfb9260695ecd7461091b96a0f265f33486a5c564fd988fd8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 09c3a6a40e0297239991a09440c25484
SHA1 1dbfd66851eb6b49f584b64a1fb59c5d9adc2cb1
SHA256 fafc3a9ac5a04ddba678456efaea0a3d35a468a4ff3aefed6a3d413f8571d0ee
SHA512 510192cbc408efe1735cc43c13356d27fa164bacc227cc042ad702990ae8bc64ed91a0e786e00998269be8d5aef815b0535a2a5d732ab6a38d7832c01bc789e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 4f6f8df2dacaa5edf45b52ef0fadd99e
SHA1 276db3ef440309a7f29e6b2755c489d50e7da1f1
SHA256 8694cfb68ee6170648996f8c6f003b68ff3e4c92cdd08836a11ab1ce2695df5b
SHA512 6410841fae5dcfc98484a17c5197ce904b8aeb036604b13f99573e2bd62b2fde3d841a3989790f0cd942967ef4c485ab4ee404e11511632ec9544ad9f180ae9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8650fe7285348ceb47c43c85f321eda3
SHA1 fd546edb5e8129f0c256e854159746091e5be208
SHA256 922aca36e84bba65a83caa1550b681828fb1773ce9f18b6ad5d52ca5874101b0
SHA512 a546b4f253433bd791452c874f48307c6c9b3017428c2069608718aeecda7ca2ed02656de4af5d8de914046f46ca1d5d5a5edcf998921ae53da1ed888a03e32a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 77691159c48481712c7d29f52491a0dd
SHA1 81ec49a69dc9e5e043ae6bc62372b14f3b7a17c7
SHA256 a6d72eeb23c67e4ab915533a0db78517d1190e058c9a5a5939ce4990af85989d
SHA512 27986b9514689075c76b9f42cebfe8ae2d9ac7242fe233db9c700cd394f5dcaa1bb51c05ef797fc09d3f0dd80bc268be374626e9870e8a271272e4738d00deba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f6208b2a9b6a025f21772fd81dd76476
SHA1 b8e68039533a5f7608f1466e3d0c136dd40054c0
SHA256 9ebdb991b659d2ef2561c08a010b041553e30c5e4a04c110a321119051bcc135
SHA512 aef0f6bb486265ccb70c623aa9557fc67116b80a6fabd68438fc7ec5cf69d62e9b2bc882a124f51db2e4d0fda856fe401cdcf62db6223544461a10195756e28a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 90a3c0d2f8e48d4f02cde36445f5b0ab
SHA1 20bf9dfd3102a330df577b10aaf442ea0d6bfafb
SHA256 a4ea51c65fb3dfc701b0873eaf982cb9fbef4469074cbc5187d47f9a09a055d2
SHA512 830841c700e4ae20403a856d785335c76b5e506a131adb1642683cfe3a0d7a79c51e274923c3895ea2941e235603b842c2ff708717893aac76ad7222a77ea8ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 fdd8a59acece709434168b4ae97d54dc
SHA1 3cf6060bbf7cf93068b02e13020105b639ce0f55
SHA256 cdb67917f7aaa1f8872506d4ca2b1354e8c506f0d7607840f93460589d1fb37c
SHA512 814f961424d647ba9238761240557f33e5fb348c0eedf5c714cce107436c8f516b5007e41f83727c492124f3c0622653af0f82231cfe5e23b6b175ab650a923e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 01f70bec72775773d28064f670471ce1
SHA1 9960006623bf12a7b0ccf32d931439694b9df863
SHA256 eedaabe6cc13b6f1d557a1ec6895620b2ef537320b3ec4a489a945304a51180a
SHA512 68d6bd259f69ead75842cb8ebea7c5e1ebe65f027b001365a78ca28181648edc65657d8f5531a7d68c45e95ed58c2ebb9a69338fe74cbc280036ce6d9ba44b1c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 737d236a24357d2a326e37b5aeecd020
SHA1 b78a421e452b707cfd201a9a3f37a51806759c26
SHA256 87f6596884650238e723015305a78ee011958b061d74310fb9b344cf0bbd24a1
SHA512 422ce6faa6d6f9158d97a6318f4fb37a43791a385f038067f594b94c3f6cb588a428315cb8813ef8eb23603c9295579f0effae8961d938322eb71750f05d2357

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 18ba03df919c7735708fba7f7ce2b1ca
SHA1 ac3597eab080b02bcaa45eaa4e148249c521a571
SHA256 c17e81d7d1ec1d192ce6a1134f799cbaa86807c03bb5225671de62af1520ccef
SHA512 6319401fb8c6998adcc949b8d460e538ac707fb2843dd819e956e33638d618ecd6977bd08019eb6a1b440c7b9d5f5655b52e052977a15dad1b791fc670ed2035

C:\Users\Admin\Downloads\Melting.exe:Zone.Identifier

MD5 8bbf19ce2a2edd6f64cf1eac6727d091
SHA1 a555c6bef2a5dff8315a5326ecdaaff98af9f38d
SHA256 6e776446a1c55ad3cb5b65f428d2de21e401890c8e5dd185dd78c15d8eb5ca42
SHA512 b37ed86c3a25eb0ff77fe7aad80deb0f2ede1291b1eab54af7a3de6c1b19afc7915422b0ac997e32fe799921b3d9fe1133bc95f2100c4ea082fbaa2127efa188

C:\Users\Admin\Downloads\Melting.exe

MD5 833619a4c9e8c808f092bf477af62618
SHA1 b4a0efa26f790e991cb17542c8e6aeb5030d1ebf
SHA256 92a284981c7ca33f1af45ce61738479fbcbb5a4111f5498e2cb54931c8a36c76
SHA512 4f231fc16339d568b5cf9353133aeae835eb262dab68bc80d92f37b43df64dce4fae0e913cbaa3bb61351a759aeecf9d280bc5779b0853c980559a654d6cca11
