Malware Analysis Report

2024-10-18 21:32

Sample ID: 240520-2qqqraag7z
Target: reverse.exe
SHA256: 9695fb5db4b7703d0dbdc2d09de622f256a2320b33bf4ad585e93a88da1b0353
Tags: metasploit backdoor trojan
Score: 10/10

Analysis Overview

Score: 10/10

SHA256: 9695fb5db4b7703d0dbdc2d09de622f256a2320b33bf4ad585e93a88da1b0353

Threat Level: Known bad

The file reverse.exe was found to be: Known bad.

Malicious Activity Summary

metasploit backdoor trojan

Metasploit family

MetaSploit

Legitimate hosting services abused for malware hosting/C2

Unsigned PE

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Enumerates system info in registry

Modifies registry class

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-05-20 22:47

Signatures

Metasploit family

metasploit

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral2

Detonation Overview

Submitted: 2024-05-20 22:47

Reported: 2024-05-20 22:58

Platform: win10v2004-20240508-en

Max time kernel: 629s

Max time network: 611s

Command Line

"C:\Users\Admin\AppData\Local\Temp\reverse.exe"

Signatures

MetaSploit

trojan backdoor metasploit

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A discord.com N/A N/A (repeated 4 times)

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607188603894749" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2804150937-2146708401-419095071-1000\{571BA546-CC55-4351-AE80-09FD363F8876} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (repeated 32 times)
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (repeated 32 times)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (repeated 26 times)

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (repeated 24 times)

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3108 wrote to memory of 3100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (repeated 2 times)
PID 3108 wrote to memory of 4512 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (repeated 31 times)
PID 3108 wrote to memory of 2416 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (repeated 2 times)
PID 3108 wrote to memory of 4884 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (repeated 29 times)

Processes

C:\Users\Admin\AppData\Local\Temp\reverse.exe

"C:\Users\Admin\AppData\Local\Temp\reverse.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff4a71ab58,0x7fff4a71ab68,0x7fff4a71ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2212 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3572 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4552 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4588 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4824 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3140 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3432 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4292 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4284 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1664 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4920 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=1904 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4752 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4028 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4300 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x508 0x504

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3024 --field-trial-handle=1916,i,18110560535039713888,4598608151507432042,131072 /prefetch:8

Network

Country Destination Domain Proto
CA 51.222.245.69:8083 N/A tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
BE 2.17.107.105:443 www.bing.com tcp
US 8.8.8.8:53 133.211.185.52.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 105.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 203.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
N/A 224.0.0.251:5353 N/A udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 97.17.167.52.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 consent.google.com udp
GB 142.250.187.238:443 consent.google.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 discord.com udp
US 162.159.128.233:443 discord.com tcp
US 162.159.128.233:443 discord.com tcp
US 162.159.128.233:443 discord.com udp
US 8.8.8.8:53 assets-global.website-files.com udp
US 8.8.8.8:53 ajax.googleapis.com udp
US 8.8.8.8:53 global.localizecdn.com udp
GB 216.58.213.10:443 ajax.googleapis.com tcp
GB 216.58.213.10:443 ajax.googleapis.com tcp
GB 18.245.162.113:443 assets-global.website-files.com tcp
US 104.18.4.175:443 global.localizecdn.com tcp
US 8.8.8.8:53 233.128.159.162.in-addr.arpa udp
US 8.8.8.8:53 d3e54v103j8qbb.cloudfront.net udp
GB 18.245.246.114:443 d3e54v103j8qbb.cloudfront.net tcp
US 8.8.8.8:53 uploads-ssl.webflow.com udp
GB 18.245.218.96:443 uploads-ssl.webflow.com tcp
GB 18.245.218.96:443 uploads-ssl.webflow.com tcp
GB 18.245.218.96:443 uploads-ssl.webflow.com tcp
GB 18.245.218.96:443 uploads-ssl.webflow.com tcp
GB 18.245.218.96:443 uploads-ssl.webflow.com tcp
US 8.8.8.8:53 202.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 113.162.245.18.in-addr.arpa udp
US 8.8.8.8:53 175.4.18.104.in-addr.arpa udp
US 8.8.8.8:53 114.246.245.18.in-addr.arpa udp
US 8.8.8.8:53 96.218.245.18.in-addr.arpa udp
US 8.8.8.8:53 geolocation.onetrust.com udp
US 104.18.32.137:443 geolocation.onetrust.com tcp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 137.32.18.104.in-addr.arpa udp
US 8.8.8.8:53 www.youtube.com udp
US 8.8.8.8:53 a.nel.cloudflare.com udp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 1.80.190.35.in-addr.arpa udp
US 8.8.8.8:53 remote-auth-gateway.discord.gg udp
US 162.159.135.234:443 remote-auth-gateway.discord.gg tcp
US 8.8.8.8:53 234.135.159.162.in-addr.arpa udp
US 8.8.8.8:53 50.23.12.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 js.hcaptcha.com udp
US 104.19.230.21:443 js.hcaptcha.com tcp
US 8.8.8.8:53 newassets.hcaptcha.com udp
US 104.19.229.21:443 newassets.hcaptcha.com udp
US 8.8.8.8:53 api.hcaptcha.com udp
US 8.8.8.8:53 21.230.19.104.in-addr.arpa udp
US 8.8.8.8:53 21.229.19.104.in-addr.arpa udp
US 8.8.8.8:53 imgs3.hcaptcha.com udp
US 104.19.229.21:443 imgs3.hcaptcha.com tcp
US 104.19.229.21:443 imgs3.hcaptcha.com udp
US 8.8.8.8:53 77.190.18.2.in-addr.arpa udp
US 8.8.8.8:53 43.58.199.20.in-addr.arpa udp
US 8.8.8.8:53 api2.hcaptcha.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 104.19.229.21:443 api2.hcaptcha.com udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 beacons.gvt2.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 192.178.49.163:443 beacons.gvt2.com tcp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 163.49.178.192.in-addr.arpa udp
US 192.178.49.163:443 beacons.gvt2.com udp
US 104.19.229.21:443 api2.hcaptcha.com udp
US 162.159.128.233:443 discord.com udp
GB 172.217.169.67:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 8.8.8.8:53 116.32.239.216.in-addr.arpa udp
US 162.159.135.234:443 remote-auth-gateway.discord.gg tcp
US 162.159.128.233:443 discord.com udp
US 104.19.229.21:443 api2.hcaptcha.com udp
US 104.19.229.21:443 api2.hcaptcha.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 93.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 gateway.discord.gg udp
US 162.159.130.234:443 gateway.discord.gg tcp
US 8.8.8.8:53 status.discord.com udp
US 162.159.137.232:443 status.discord.com tcp
US 8.8.8.8:53 cdn.discordapp.com udp
US 162.159.129.233:443 cdn.discordapp.com tcp
US 8.8.8.8:53 234.130.159.162.in-addr.arpa udp
US 8.8.8.8:53 232.137.159.162.in-addr.arpa udp
US 8.8.8.8:53 233.129.159.162.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 216.58.212.202:443 content-autofill.googleapis.com udp
US 162.159.129.233:443 cdn.discordapp.com udp
GB 216.58.212.202:443 content-autofill.googleapis.com udp
US 162.159.129.233:443 cdn.discordapp.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 discord.com udp
US 162.159.135.232:443 discord.com udp
US 8.8.8.8:53 232.135.159.162.in-addr.arpa udp
US 162.159.129.233:443 cdn.discordapp.com udp
US 162.159.129.233:443 cdn.discordapp.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 8.8.8.8:53 media.discordapp.net udp
US 162.159.130.232:443 media.discordapp.net tcp
US 162.159.130.232:443 media.discordapp.net tcp
US 162.159.130.232:443 media.discordapp.net tcp
US 162.159.130.232:443 media.discordapp.net tcp
US 8.8.8.8:53 232.130.159.162.in-addr.arpa udp
US 162.159.135.232:443 discord.com udp
US 35.190.80.1:443 a.nel.cloudflare.com udp

Files

memory/880-0-0x00000000004A0000-0x00000000004A1000-memory.dmp

\??\pipe\crashpad_3108_KFIZRLGGBGGOWUDL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b389112eb39566c3f1aec50d9c4aa195
SHA1 3553f669f455e4ef2f37cc8d2813ad8b453a674d
SHA256 19991f78698c01f462c42dd3765a23d5e104dc9a76f5a7a4f57886734f3584f4
SHA512 df7f21e5567dd150fe3485a1cbe392379a99518d01aa545cb05725e9d18bb5619ecda36ec8b6f87bfe1cf1fc7d32d2154033d149ef5e52b86aacb1cc103c709c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 acf03b569c561cbd2ae3b9beb262ce0f
SHA1 686ecac1d9aefb92eadd5bb66d1fa0ae747bc257
SHA256 d8c832cfe8fba2a57d71937f6b65a6097889391d52ca824aca687a52692d9aae
SHA512 8dc24335d3b5c0a182b04760a36a155d20681b45b90de36534570f2d352e2cac8d41d7177b498cc5555388514bfed76a622a2066dd677cc541482286b1a6d770

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b7084d5d7ea6a0bd027a18739c617e38
SHA1 92d6e991fc0d74c7425b64c26bd8e2612e525251
SHA256 3e278056bb9d7cac9f7ebe76534841c2dd3f3785a832cc8eae79c69a157ad1a3
SHA512 980142e840481e65dcdbf6d2443ce151e7c37bf033cd68f762cb34a91fdb8f9c36581ef29c7cdbde7713685c5311f9d2f0d341244c9b2a595c2b05c8ef5a78b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 40139ab2a4991643dee857db1ec2fd0e
SHA1 7d13b2c612355957badbbb20b2c73518287950c7
SHA256 b717013dced3ae000f471619725e376cd05876b70ecd00eea9a4946702aa67e7
SHA512 5cd0c8e4660b226d01387348be2aec8ec2a3d2eb4ca0913d877d1132d6381738a11d0ec01d53b5f9078547f41de0e76810514b4d01acd3a8b658c98a6b82490e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 48e7ace4881edc7b11709002a7c0fd3e
SHA1 e2ec29e8b9ce0122d240c39688aa4a0cc17c74fc
SHA256 a71f0f89d6b117a4ad029b3a5e2986ae8c5a586a77db0f35b47adf7a34279fe9
SHA512 445822c37900b06692b92aa0a68de2fb39fed6e935b306d9a3c9888b23f816bd8e41588286affcc5a04902e7da5219f8d80c2a1cd77cc0407b3e906817bb7d71

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 676544f751291503738b834d1eef761e
SHA1 afd9cb449fbe1286a755bc3a6497333718e2ea05
SHA256 a3cb3a30a7121e38b4d3df73e81d497b7c64c865cdf4ad22931b90cb37e7abbd
SHA512 aa9d1f9ffec76ac0a1282932a2c8d19b4378e71c7d014b529c4d2b83282908e018cc3328737ec6ba68480780d701993b286eb8090ee6203e30f08ab55db07788

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 b09368571722ed3e912c4f4904523caf
SHA1 3ba1c27f4d958920a0fb014434814135db2ca11c
SHA256 1d7ccc60a0f056fc77c00b192926b3fbaff33db5d4bbf01c844aa5c356ba33a6
SHA512 84a826de720c9238f9ac3d20b0cb301cc031c83d16eb48d6ab2b95159c6a0516f3c70a861275ec0fd69b4fcd55bf3249b314c86ec05726de3d1d91eaa3dcfe84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57ba67.TMP

MD5 7b1b6a139329fabfa290382d3c38914b
SHA1 2e1c5ce508a5c9e54c0d75a841aa84020f9c1e5a
SHA256 a5455128c822e189139736ad0decb2bc6283c4759d7fa47d2da83b515326a88e
SHA512 8187335755f81174ffeab90c9316387294734bd070f82df87a504d3df86537baf32d08721200034e7c9ba8bb90ed30268390b00a04f62c66cf92ac4d2a3b223b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a4d508de0ac0d86fab5e6ced16d71cff
SHA1 ab615d5ce59f5d2a2d2d72d507eb820e93161ed3
SHA256 aeeceb48d02c5a662833c50ad7a24dc82f0c5a52d659288d34666bcf4775bede
SHA512 19e0f4303a4a7589eff1055bf88e458fba1b6f4936df49d21ce976e1222e050056041bd5fc10f7fbed6ff63eb6b0b62252b4c0bd78bd1a13d2fe1fb81473ab99

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 59d9fa1963a268a901a21fc93985c62a
SHA1 8c688db288390373a69a0fe3a17d2570564af3ad
SHA256 200f607cad449ddca4a535df8c81c7065e3cff2231cb137cb5f6596a53b5a93a
SHA512 be1f551eaf711cba84e9bf4d66907d15ac00e3819dc5aa21195af47c88f0839a0504bd79a6139b8f9f5e6b24844ea9c682358c344bf26f3bf8c6839c6d989f1b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 90d547fba71206f5604acf28f2a172f0
SHA1 c30fec4cc7f7b2d79e511f2691166b6d63492d78
SHA256 b52b738c5a5d4271501eed1df8b7844cde88265daa154c7b7e5d54323682475e
SHA512 5a42d79707976fa16a50fb22fb982b2e0e26fbf85bd035c173fade0f123cc80a3008879bb0b4aedfefc8b94022a777f9349285b7a13b8aa6f47c251fd421d447

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 074a4f4d2f4b71c50ecbbf9e8f2a32e4
SHA1 fcb4a27aa81fad64656b5091bb307a28822a1227
SHA256 786d2cf52a587597c035b055da78ea67345fba9b319d489f8bb9d3f96e2f041a
SHA512 3e4384ca447f8507c102c3069d9d4e7ec8682e269b598d19f4c92a0419b14234edab06366b925750ccdd8f3a591ba0715d70d600f9b34c9c56633993c49667b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000034

MD5 01058818c64fc3884e94090fa4e8ae93
SHA1 6a2dc2673f27453bac46b5a53ec3bab8436e799e
SHA256 b06c6393e8487cd92759158de72fe59034b15c0aaffe4ccc7fbd5b86d5daea70
SHA512 891bac612ce21ea56ba573bcbc1c52d060d0217cfc4daec89cc273881702fd09bed1570fc541caf23094235f73a907bba22125f791977badf3785614b3953550

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b40e878d59f856a33641cd3fe36af35b
SHA1 cabad2518a4d1defc56594c5ab4afb2d1a06a4ac
SHA256 50f9daa2d07c755a4322b047d73f66509185ff67861d327b68b18090e3ec3edc
SHA512 f5f52b11e2845f2fdc53d3c2ed6989a9aa58a99f1616f0470c3b130a7dcb5e65d9a309d85fa6f8483cc1c755811fa4cfa93dabe99b2205ff9f44bf8559243786

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 7611829590257d3392c49332f7259935
SHA1 cafa95190364099bc2271a64eddda2d9a3cbd20e
SHA256 3cbb104a996cb68a90bd7937d73b9cc694a9e4dde99395841a532249d19bb19a
SHA512 876595a5ddee22d3725ead762bff6aafc9d09992ecacae0b96b23531b4ac5eebec2f4b267e02949d02dab723d9ed9642c77352efcc479762937ffdae4f339560

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6bccda67546570944d58086c18609cb0
SHA1 fe586c48c9bda9ac2aab23b4dee8223a8bc9cb61
SHA256 1b2e87e29cb831be7f97bec15c586de2359c43165970f5e58f5083a5e8488ba2
SHA512 e18c3511a7df1b086c0848c8a281ea232fb9926b4388b0661a84cd6d47352f4cfc76a178ce3553a8320f3f81cc6ecbae1e1f3091508cd0150bceb86fe6a4b053

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1d3ce0b80b7a7a6a5a999ae2492fd2b0
SHA1 336725a56fd4a15097e5d72ae8772dede92f8fb7
SHA256 0c4387623ecc077859dacc0e411eed07225cacf5d18201c7f34f48da66da07f6
SHA512 dca33f19b470ef46a46334de2f3dde66a356324dca2e72992421e2a5c96f8e0440c03504a85a373c70bfc11e600c8f7349b55ddd5bfab95571b9a0f13bde3bc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

MD5 3f934b380357b651105f2d99279e00ac
SHA1 3691ab97e025d816cfc57b5fdfcdec1d2271fe15
SHA256 ee22dd801b8ec5e271caca4b2cd5bdcfd400bb7d427611bbe7c9be022d140b94
SHA512 496297c588bed42b05acc3a94bd470a8202be437d1ed4eb9e9f97144093466dc8e42c60fc7ced650b9d2280d068f9f2808ec7ce05a2c225cf4dbc10eb90c0021

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2cd74c85e41614b46bdec02fca66944c
SHA1 5c8fc038cff9359c38fccdb343f29e37ed832010
SHA256 319814071e58633248ad271dd1564077d21ea5f4844c8938cafee65979e753ed
SHA512 6422d0f6501b3933b2b9f8dc041ac7c169f22d56eac5d454eb7b5bdec4eff480abc522c0c9cffc78888d2ebfd273a11d7643ab773af9776741f10403e5787250

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\64e81314f2434de4_0

MD5 0fc500bd059d510e0991c2152c0d9233
SHA1 acb2fddcbc9a7c02b09dfd1538c2a35f4a0e05d0
SHA256 794349a9fc87a5740ec7518b7d05494983263c78fe54d471707ed90eddfa3861
SHA512 0d0467b6154f4af91edd40c3a817d5537d212d7b654e3e1dbd763a95f84667fa5b71184d67359913427e8cfcf0a8737214a98276945b356a6ac1fd97d2fa8b7d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f40a384836825283_0

MD5 b0fcdb270a6c5f6625328bd30b78cfa0
SHA1 9e28f3f031107f07d93309cef097513abd7bac1c
SHA256 c3c12f4af09fec29aa263ff32f557df5979877ba53fe2ee5705e3f6e6ef63fc9
SHA512 5ee78fafc0404ad273dfe4b9b17147c1ce11587ecc95d8ef1326386f71f7e1af30069b3f27085c59822e3bf21801d0da365a696f9baec9003d96bc2f4c2cd4e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fea19af8f924e1bd75d0d4f18907aeda
SHA1 14d7e3fe8cd31d954cb3c18fa14617e49c4eb1b7
SHA256 6d5844dc18b020e76da320a871d71a7e1235ebb1fa61a467da3dec3da429d264
SHA512 79105a07e06936a40b4bd1cec7b2ed6984dad3513a2ea4c7faef7c0eec26916c5e0de64c37187b7139e37539d2d8277dd49b6feb29a8306e1b13c90493fea0a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 4001a024b0f1900e536040525df5a762
SHA1 1a1b8fe0fc2a825db0067667258bed27e6a92ad8
SHA256 9b450077519fc9cbe850a7a34019cc331ffc10fa29ff4cc3c5331f6770a76854
SHA512 642f0b181b6ccb575af511292dfc164937541f0b6126d7ce5f3c9e021f6952838f3f7a9eef8c0db7bd8d85704bc384eae250239cbef05d3c966b58ce114a270a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9170df9e5f3a398abd923bb954f713b8
SHA1 f30ae3bf18dc1b5da92838634c0b1a139683dbbd
SHA256 f1471bb582cf3ddef3ea5860236e130b497dadeef0d1012a3e24dbc0c41e1e08
SHA512 41355238412d8ddb0fd238344789b6987a1e334a236b60a4a9d7d03eb7acfacb3ce631c637112b7e8105aca1bfe01db7d2dfb409624c176ee95591e1c953c481

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 0a1aae1bc1f236299c20c72894b31559
SHA1 97e1a96aab3fa5dfa3f6014518e4a31c56fec520
SHA256 d1095031797ee3a9b7b6f8d94dc9da0ff63a3a641cbf7899678331a75d8d5976
SHA512 f2c4f1ca8f1c576332dde4575758da89a0460ecce9c6e19d6d46a1b3b9703225244f1d7d92896674a0ddbff35e70a70b167ff0c49840dc49b176e4cc3e544a8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 34cbbf7f241a2a481d2affa2f4164911
SHA1 fb9b2d18c0d9826d5b567016af863e6f60f3e9cd
SHA256 89ec2d82dd4a307a25403313b0fe785fd0693a155f8693f7be8c0d6616f3f23f
SHA512 6c13f9d120ab0b3c8d3d378a98f7b51b9a3e0912e8d5027161a55284ba9f251520fdeabaaf40b4d3f09c238d8ce886c4ec43f17e1069690dfa03e36c8dd8af4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e99cf2834cb50b339e59d9bbbb0fbeb1
SHA1 d8ee4d4d1a2d053e603e9b84f7d1bb70d1605afe
SHA256 3e0c93486fb5d89a67e2bb840d8539e67cfcd5575db6e26a8231e23e3a384eaa
SHA512 cdff1215b97cf22e5afa4661544a97097649a290cb68f7476aa8fad48a70172b4045cc03dbb1864be0e68c5cb990cc4e64a282d870fe6b7423cd7e065837edd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6cd654013b5063ef52b423acea9fb7c9
SHA1 2e64f372dfbf78dfacb0986b733946b45e8abba4
SHA256 54e9850e494abef65bbbd2d27acc5ee264f9a4cd0b4ac3e545fb655bc7e46d81
SHA512 162da13dc612ac838a80726ad684aa2e32b31a45bec556b28b1a80d5743a9b7ceab1b6106aed0e7be90215916fd5ca24b0ab68535f2bbc8fdbc8810a6850cd3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2fad4283bbc0062b9116f0d1ffd3e4c8
SHA1 c461fb62b57541623084c5c0d87f0001d2381f71
SHA256 1f4f5bb2c8223663812cb64aa2334f5a950afdc54599c59ae5b5927cbfb3906a
SHA512 5f65e64256a3ba957afdd4d784f317a97b9c4ed9c934afeb7b1f920c2e717d89c1a01df0f0239cb7a233297b81291c28654b459698f4a71d9fa207ef118f47a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 820b27ae1a43595b1f895c12666b7ebc
SHA1 53aa9bd7b70bc03f00cd0bad414f4122ffa086e6
SHA256 15398966575dc9e6dacf7da93d9457f38790cdb605960514ec4747fe68c713a0
SHA512 fbc80498ea8cb254fa6c4a37826273923bbe5a852a44e170bd15124218a91d8ba0c8911e6dc808eed9e4117c00705de8a3f787b05276e3a282f75bfc674467e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 873ecf06edcab078cde5ae177d169cd1
SHA1 3a9e0b8ddf807e141d5fb1ff7a8404fbb53f869d
SHA256 303bc604ff7d95c21d160b86c4b54ce53534835e21a457ce923c2ca2bb4340c6
SHA512 546f734a3bb400e4a85510174a82ea97deb1c3de909cb24c209f3a2cb3abe4e921081cf0c0f4ffe310e960715b8cfdc6c9733837dbdfd8ff3cd261d4f68539bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 0ab81e316ade7505db7e2d60f74e505e
SHA1 53d8b901eb6a68351f3d27d51b3d36fa30cb0e8a
SHA256 8d6f4abf021c93dd09c74a8816cdc516b3d6a7e55ae3478bedf46c3df66bcf5a
SHA512 576a5767dff8d7462e31f65120e7ee112943bfe20f14de037b0ed2497a6c9b33fc63b2935ae6112f60099b7c01ea3f6bb200b2f14078e690db1f5571e8b78eec

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c0d59d2748f6057e694e23006c10cf78
SHA1 524ac8b4d6e27509c950bec76da8f1f831473bec
SHA256 8fdb058bb1df94d41f8415a502ef579a798d0d33cfd0dcc8cd9e5c28dea61af3
SHA512 b6f99f5d75c7fefd40e1c99dd4f4a047aa63ccc62180ce4eae2f88f79ddaeb61e314148ee99f7d3fe079be57e89fce2d857af39e1fe74fb703d5a11065f0cf2e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 cba023543d8b9ec76ce6d7e998d431c8
SHA1 1aced653fef90ac54311b0fcc0e101241e362288
SHA256 382443dea4b58dcfa6de468433deacfb992add52e1a1c6a1a4d04bfe7021d8f6
SHA512 53ee021c5caa9d549480b730311f472b1898fe6ddf827ab6ff24f4a8708c63bb5191025c2db4fcc05dfa7af5e40d183ac1c5042316650f52b19f2c9eb4b5f5ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb697c940e3a3113e3322637b1a6188a
SHA1 2fa7735a2643cf6ae44db1e6d0292f0aa3d60b09
SHA256 f18ba8cd90760451f39a7492c18ab8c96c2ddcda8ae08dc7006dc1e2e33ed2ad
SHA512 9322fc1668b72937150a53cb073ca822b061fc7256f9b30eab2419767980b7896b5755d57e9f7918d694d019438b0012eee83ea270ad880b5e1922455d54b978

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 8f3cd2327715321972c0e153a9fdda5d
SHA1 aa2843c72109c7b0be46044b43ee4c361d0a1700
SHA256 bfbe4554fb0e1da76a5abbf3e9d97caac9a041c5c368e09b4bd231491f31fd48
SHA512 260380f116a8506a0f2f8f197f99535ae534e079e2ecece8a07964400e75064cc6838b71524e10a347b09d0160e97c18e3a4237bb8129ba21718f2498ad162aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ad7ee69e945a7cace772787392cb5ff0
SHA1 5589e2376d8343e42271bba2d23807714a5058e2
SHA256 21e6a9607b42524d9c4652d50050e21f889240c75e573d63b30ebdecb5603aa3
SHA512 dd3c138e6272b5ed09c40503d466a503d735c6fb25ddd11077f9a183e71ce07d020610ab95877ffa064d1e9f211091436195a0521319c51baba454521f3c9bbe

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

MD5 f3b25701fe362ec84616a93a45ce9998
SHA1 d62636d8caec13f04e28442a0a6fa1afeb024bbb
SHA256 b3d510ef04275ca8e698e5b3cbb0ece3949ef9252f0cdc839e9ee347409a2209
SHA512 98c5f56f3de340690c139e58eb7dac111979f0d4dffe9c4b24ff849510f4b6ffa9fd608c0a3de9ac3c9fd2190f0efaf715309061490f9755a9bfdf1c54ca0d84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8cd06b3c720ea62c922dea3f2e8a71fe
SHA1 47100932fdc05070fc738ca910bb3e803d9d904a
SHA256 0275c2e7f3a1420f6496a11a70cb8ccd1d7ac92af8aecc5cd70c6a275fa33529
SHA512 5423f309c199a4b3beaf5f0eac2ba9fbc2928a89e046e18197237ac6e4779db0219cc9eed4914c98bf836469bff132f78ea93abdc82a051700b079613bb23a6a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 9d0269c07ddf91f10b8739f1ca9831ac
SHA1 f85d2ffac72641352b29eb6ff685b50bd5656461
SHA256 e687a5dbaa50e708782e11dbafe809cb1ee6fdfb8134d282b1a211ecbce9a177
SHA512 f3c0abd78c8924b64cf05b7befcf397296c45365bdf9b96a5a491960e39079db2d2f81a3bfde718b3374653afd051f5c857d063e5a51419877f86c4e4603a565

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 863a6a8becab35511239afb9076619bb
SHA1 2523cb5077508132d5bcdef39b1bdcc0344b7690
SHA256 2bb3a15f03a9d11376ae8508ea470ffdff69aad7fd80a59c19398ab32ee71985
SHA512 01fe7d90915bc7583767e38cdf4902799daf9063228e7c4f81b88512800c60ee776bf49d975eef5db96b77c9b8edfad4608128a6326494fff32a06c243b34cff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5c79e4c11f3e139113596a42cc9311ba
SHA1 e37b80441fee48712f91539964712621ef07f156
SHA256 847b05189c683010a7be0be1f4e72ff9d78ff8ecb7f09989252d64316e26518b
SHA512 d2220c1c1b609b1f860ca2fb7dc160a49f6fd4dd0ddb030966cfebc0eda2a3faf615b64a00660b5ab79f00c57c8e2336617a010e50b0cf4e8ba8195e1adf1137

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 a79b89783300b5b42d7e1bdf219cdb83
SHA1 beb18c48ee481b27be6f6a1fa5a6b1b08c8e1a64
SHA256 400bde904e5639bfc21f9b78e4c755be889416cf5bc8ec98a4456355c39cee47
SHA512 79c1b3a2feb22dff868f7582756211ba8aeb8aa20efd0ddf85b062b74de3dde3ca54cbf0565d39d80fcbdb139604019c0ae7ddca0047a9bfbf0b6760f87d653a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 77fc29db8603ff9d50f3bf3179199fd3
SHA1 77e1ade48427988875060390696c0787d31ee784
SHA256 9251fa62370a1254d639f15702a376c4e7e07687f44094a8c362eda1dbadf280
SHA512 dc406139b66d7780ee92cd8f518394920f9194db03bfeffd65fb39b924b827f5039447cac41ada47af330efb02da386f70e0c48ddae1a1aae0286928ecc3f6d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 e30b9312da71327c93c3755699732875
SHA1 a4bf516ed871c3daf2184d01178f6a71f7207870
SHA256 38eb04f572a7d666fa38a7567eec51cc14fd600614991e7a532f1d179edd245d
SHA512 8ea9f75a5a0519307b25d91411bb187f456f0628ca82bc628a4e493b28fe9ddd9c08b5e05a533e0d470db62b91bfb564f1b74e0d96cc8324a27a8f0f324fc91b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 3b2dee28d28fcc1c496a5d7ed57d970a
SHA1 2cf07ca5166494b74a854eb37a505fd7ba824e2c
SHA256 e4e99ed9067badcb38efb2208adb15a207a8f7b900c57c360622ef9351434ed0
SHA512 0d89ac927c15a896272ad4d6d3ced31e947f82c2f8da1fa3ea6748fcceb7d3613ffabc0a4f0883fd7256056aee8167d847ad13abfc0363ad54d9ff111dd910db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 085359706e65f29ae4dec9a38ab99a3c
SHA1 d5c8fa0db6337ebf210edf4efe30d4c2f74fa5c6
SHA256 4cbace98a44a82f08d00e45a206342c1c0fe7f436f963617749afb63bf1ac7af
SHA512 3abf2e2858f36a995d67720ceec5d5b033f669da916b0d7c872f4b06faa1e912aac97acfcc819080c23e98026db30894503a02d99d8a0b79e67e760539dc91eb

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-20 22:47

Reported

2024-05-20 22:50

Platform

win7-20240221-en

Max time kernel

120s

Max time network

120s

Command Line

"C:\Users\Admin\AppData\Local\Temp\reverse.exe"

Signatures

MetaSploit

trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\reverse.exe

"C:\Users\Admin\AppData\Local\Temp\reverse.exe"

Network

Country Destination Domain Proto
CA 51.222.245.69:8083 N/A tcp

Files

memory/2400-0-0x0000000000020000-0x0000000000021000-memory.dmp