Malware Analysis Report

2025-01-22 09:08

Sample ID 240521-wzqt8aeb2s
Target https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFY1N2ZWTDlkOXhQYmU1bl91eTBxTVQ0aVRqZ3xBQ3Jtc0tsY0F1eEd4QkFFLWpBZ1RwU3VUdG1MS19qRmxPeXZ6cjZLdlhvYnFhQzBfSnQyR3pIY1h1alZWSURxbWkybzhEQnlULW0yclI2aTNzaDVUcmtDbzZpdUpuNW5EUEZHYVNaMUJiZWFpVmRRaXZNcmJ3bw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fikh6skoi11jf8%2FROBLOXCHEAT&v=RBWNRTMZduA
Tags
redline discovery infostealer spyware stealer
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFY1N2ZWTDlkOXhQYmU1bl91eTBxTVQ0aVRqZ3xBQ3Jtc0tsY0F1eEd4QkFFLWpBZ1RwU3VUdG1MS19qRmxPeXZ6cjZLdlhvYnFhQzBfSnQyR3pIY1h1alZWSURxbWkybzhEQnlULW0yclI2aTNzaDVUcmtDbzZpdUpuNW5EUEZHYVNaMUJiZWFpVmRRaXZNcmJ3bw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fikh6skoi11jf8%2FROBLOXCHEAT&v=RBWNRTMZduA was found to be: Known bad.

Malicious Activity Summary

redline discovery infostealer spyware stealer

RedLine payload

RedLine

Reads user/profile data of web browsers

Loads dropped DLL

Executes dropped EXE

Accesses cryptocurrency files/wallets, possible credential harvesting

Checks installed software on the system

Suspicious use of SetThreadContext

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry class

Suspicious use of SetWindowsHookEx

Suspicious use of AdjustPrivilegeToken

NTFS ADS

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-21 18:21

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-21 18:21

Reported

2024-05-21 18:28

Platform

win11-20240508-en

Max time kernel

400s

Max time network

405s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFY1N2ZWTDlkOXhQYmU1bl91eTBxTVQ0aVRqZ3xBQ3Jtc0tsY0F1eEd4QkFFLWpBZ1RwU3VUdG1MS19qRmxPeXZ6cjZLdlhvYnFhQzBfSnQyR3pIY1h1alZWSURxbWkybzhEQnlULW0yclI2aTNzaDVUcmtDbzZpdUpuNW5EUEZHYVNaMUJiZWFpVmRRaXZNcmJ3bw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fikh6skoi11jf8%2FROBLOXCHEAT&v=RBWNRTMZduA

Signatures

RedLine

infostealer redline

RedLine payload

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe N/A
N/A N/A C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe N/A

Reads user/profile data of web browsers

spyware stealer

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Checks installed software on the system

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607893252849475" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Mode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "2" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 010000000200000000000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\LogicalViewMode = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{4336a54d-038b-4685-ab02-99bb52d3fb8b}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\1 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\Shell\SniffedFolderType = "Generic" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\0\NodeSlot = "7" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1\MRUListEx = ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\1 = 3a002e803accbfb42cdb4c42b0297fe99a87c641260001002600efbe11000000e7760a3858a1da0146815e3a58a1da01169be45e58a1da0114000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "48" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{B725F130-47EF-101A-A5F1-02608C9EEBAC}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\CLSID\{018D5C66-4533-4307-9B53-224DE2ED1FE6}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\Shell\SniffedFolderType = "Generic" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\Shell\SniffedFolderType = "Downloads" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\LogicalViewMode = "3" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\5\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "4294967295" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\GroupByDirection = "4294967295" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 020000000100000000000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\7\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0000000001000000ffffffff C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259} C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\6\ComDlg\{885A186E-A440-4ADA-812B-DB871B942259}\FFlags = "1" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\3\ComDlg\{CD0FC69B-71E2-46E5-9690-5BCD9F57AAB3}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a000000a000000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\4\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000009000000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-1672260578-815027929-964132517-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\2\NodeSlot = "6" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\RobloxCheat.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe N/A
N/A N/A C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2744 wrote to memory of 1428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1428 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1364 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 1600 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2744 wrote to memory of 2272 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFY1N2ZWTDlkOXhQYmU1bl91eTBxTVQ0aVRqZ3xBQ3Jtc0tsY0F1eEd4QkFFLWpBZ1RwU3VUdG1MS19qRmxPeXZ6cjZLdlhvYnFhQzBfSnQyR3pIY1h1alZWSURxbWkybzhEQnlULW0yclI2aTNzaDVUcmtDbzZpdUpuNW5EUEZHYVNaMUJiZWFpVmRRaXZNcmJ3bw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fikh6skoi11jf8%2FROBLOXCHEAT&v=RBWNRTMZduA

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x104,0x108,0x10c,0x100,0xdc,0x7ffc2d75ab58,0x7ffc2d75ab68,0x7ffc2d75ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1512 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2168 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3000 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3008 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4296 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4156 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3748 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4900 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=3780 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4016 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4664 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4444 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4924 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4688 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5204 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1476 --field-trial-handle=1800,i,16694731094160137555,15665201752246983324,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zG.exe

"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\RobloxCheat\" -spe -an -ai#7zMap12775:84:7zEvent198

C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe

"C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"

C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe

"C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe"

C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe

"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc1b96ab58,0x7ffc1b96ab68,0x7ffc1b96ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3084 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3120 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4268 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4312 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4564 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4272 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4536 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4416 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4768 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3424 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3208 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4752 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3940 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4140 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2732 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2824 --field-trial-handle=1800,i,6574020222044112304,17676444381311197105,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.youtube.com udp
GB 216.58.212.206:443 www.youtube.com tcp
GB 216.58.212.206:443 www.youtube.com tcp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
GB 216.58.212.206:443 www.youtube.com udp
US 8.8.8.8:53 206.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 234.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 104.16.113.74:443 static.mediafire.com tcp
US 104.16.113.74:443 static.mediafire.com tcp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.179.234:443 content-autofill.googleapis.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 104.16.113.74:443 static.mediafire.com udp
AT 13.32.110.51:443 cdn.amplitude.com tcp
GB 163.70.151.21:443 connect.facebook.net tcp
GB 142.250.187.238:443 translate.google.com tcp
GB 142.250.179.234:443 content-autofill.googleapis.com udp
US 54.184.119.250:443 api.amplitude.com tcp
US 8.8.8.8:53 21.151.70.163.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
GB 163.70.151.21:443 connect.facebook.net udp
GB 142.250.187.202:443 translate-pa.googleapis.com tcp
GB 142.250.200.3:443 www.google.co.uk tcp
BE 74.125.133.155:443 stats.g.doubleclick.net tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
US 216.239.32.36:443 region1.analytics.google.com tcp
BE 74.125.133.155:443 stats.g.doubleclick.net tcp
GB 142.250.200.3:443 www.google.co.uk tcp
GB 163.70.151.35:443 www.facebook.com tcp
BE 74.125.133.155:443 stats.g.doubleclick.net udp
GB 142.250.200.3:443 www.google.co.uk udp
US 216.239.32.36:443 region1.analytics.google.com udp
GB 142.250.179.234:443 translate-pa.googleapis.com udp
GB 142.250.187.202:443 translate-pa.googleapis.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
GB 142.250.187.238:443 translate.google.com udp
US 104.16.80.73:443 static.cloudflareinsights.com tcp
US 172.67.199.186:443 privacy.gatekeeperconsent.com tcp
US 104.16.52.110:443 cdn.otnolatrnup.com tcp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
US 104.26.3.173:443 www.mediafiredls.com tcp
US 172.67.199.186:443 privacy.gatekeeperconsent.com udp
IE 63.33.74.9:443 bcp.crwdcntrl.net tcp
IE 18.203.86.130:443 ad.crwdcntrl.net tcp
AT 13.32.110.126:443 tags.crwdcntrl.net tcp
US 104.21.63.106:443 www.ezojs.com tcp
FR 15.188.219.54:443 g.ezoic.net tcp
US 104.21.87.79:443 bshr.ezodn.com tcp
US 104.21.87.79:443 bshr.ezodn.com tcp
US 104.21.87.79:443 bshr.ezodn.com tcp
US 104.16.52.110:443 cdn.otnolatrnup.com udp
US 104.21.87.79:443 bshr.ezodn.com udp
US 199.91.155.79:443 download2338.mediafire.com tcp
US 199.91.155.79:443 download2338.mediafire.com tcp
US 199.91.155.79:443 download2338.mediafire.com tcp
US 104.16.52.110:80 cdn.otnolatrnup.com tcp
US 104.16.52.110:80 cdn.otnolatrnup.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net tcp
US 104.16.52.110:80 cdn.otnolatrnup.com tcp
AT 3.161.119.38:443 woreppercomming.com tcp
US 104.21.87.79:443 bshr.ezodn.com tcp
GB 142.250.200.34:443 securepubads.g.doubleclick.net udp
US 104.21.87.79:443 bshr.ezodn.com udp
GB 172.217.169.34:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 38.119.161.3.in-addr.arpa udp
US 172.67.174.4:443 www.ovardu.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com tcp
US 35.190.80.1:443 a.nel.cloudflare.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
RU 147.45.47.64:11837 tcp
NL 194.26.232.43:20746 tcp
US 8.8.8.8:53 cxcs.microsoft.net udp
NL 23.62.61.97:443 www.bing.com tcp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 virustotal.com udp
US 216.239.36.21:443 virustotal.com tcp
US 216.239.36.21:443 virustotal.com tcp
US 74.125.34.46:443 www.virustotal.com tcp
US 8.8.8.8:53 www.recaptcha.net udp
GB 142.250.187.227:443 recaptcha.net tcp
US 216.239.32.36:443 region1.google-analytics.com tcp
GB 142.250.187.227:443 recaptcha.net udp
US 74.125.34.46:443 www.virustotal.com tcp
GB 142.250.200.42:443 content-autofill.googleapis.com udp
GB 142.250.200.42:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 142.250.187.227:443 recaptcha.net udp
GB 142.250.187.196:443 www.google.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
GB 172.217.169.3:443 beacons.gvt2.com tcp
GB 172.217.169.3:443 beacons.gvt2.com udp
US 216.239.32.36:443 region1.google-analytics.com udp
GB 2.18.66.57:443 tcp
US 20.189.173.2:443 browser.pipe.aria.microsoft.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 r.bing.com udp
NL 23.62.61.194:443 r.bing.com tcp
NL 23.62.61.194:443 r.bing.com tcp
NL 23.62.61.194:443 r.bing.com tcp
NL 23.62.61.194:443 r.bing.com tcp
NL 23.62.61.194:443 r.bing.com tcp
NL 23.62.61.194:443 r.bing.com tcp
US 52.108.8.254:443 wac-ring.msedge.net tcp
US 13.107.246.64:443 fp-afd-nocache.azureedge.net tcp
GB 20.108.172.194:443 7481ff9e37b5e0f782f45899c57a98a7.azr.footprintdns.com tcp
US 8.8.8.8:53 194.172.108.20.in-addr.arpa udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 85351763b25d3b1ea43a699d08fc6b32
SHA1 04812e76c76f4a34d67741c40b02b164876da59f
SHA256 fbd3418f157f1506c799bc10e625865bab1009f2bdc220425a06556cf89635a4
SHA512 45fe267414e11e1c137426654940991e354fabfd55106f981ae9048a6e970a63ac34b46af1681e41966c502481188a5d4a1a0215ceaac95a736d7f3d0bdb832d

\??\pipe\crashpad_2744_SGSZOHTDPFQGZOKE

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 d2f5f983f5004a9511258ee12a5eeac6
SHA1 c944c1e44c8071d57d87191b81176ab2282ac784
SHA256 55c458ba55ee0fe7c9ab7884f60ad633534a23c9847d68c057ea20e10caff0e8
SHA512 a89b5186a9083058b6e8bbaa17873d976ea2a4a1c86274c6530132075787b04445e67d000f6eb18bcdd024fdbdf751215c60c518df2c4be6df78a5b7825f02d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 42eda51fd8467a4ebe1b0a7faf3a97e8
SHA1 073a3b1075ad8d10fe4681e86643bddb41323ce4
SHA256 b4d44f4eefb850785f85fb87cf16408596babd9e9fe540debd034edd88e9c666
SHA512 63653b412a8cf69726591367258006e6a6554dbd08e7eb61440932a575955774f907d3b532706ff5bc3df6f8fa62d7a982601a9c1712647b2cd1a13cbe8b110f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 20e42c0016b29223b9be87f417d253fd
SHA1 6e63bc1aa92643e278c9ad0a5a7c7dac8b414f3e
SHA256 494fd60b37f89f516bcafee5395d5bc936648fd995b6f2bf0cfc2fb3f167990e
SHA512 cd3dcb9bb0a307311c3c89afb5e22fb492bafa248c1e67e4b6c281a147bbd70671fc9d2c7a33652936febc964c4eb4b6a83abb151b613ee8abcc2d0d8850dd3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 00f5c4a9a141cc379bc9a130bebdc3a8
SHA1 0effb629afca971619e6dd31c10e6c33f4fc39cb
SHA256 9bb958b97dafec04a3d58740e47a6cb7749791128234a3cb758d08ed3a557572
SHA512 c8c4e44a5db48076f1bc51dd9aa4b7ab0cb26b9f58d26c8b9aa91afccd7ca76f4863f7416a9b85eb2ca6508ec5240f38a9a2f940907a359ed8b0957632568135

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cffcf4ecd97c48f0854280a1fda445dc
SHA1 659368f8569183bf1d568320f45e4347172e1cd6
SHA256 dc41ce73e74ae1dbffca428d9e6396e6da03cefcde4f95f96a1b722f36dfa9d2
SHA512 2212ed0582d753402da9c937da190af91edf4c412eecbde913658d0388baf346686381516ef24985d825709d03aaf55815c951e0e15a2e455e328359446f102e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f251090c4c9d4b084257e2fc161b1dc5
SHA1 f7a7ff2fdf889ade392667da16ca429389e8b93e
SHA256 3d772e26d4b4d3a6705a542ed371605133a3e9063704e2d96ffa081afd693d2e
SHA512 4037fb98516bdabf7b4b0a2d99774f3f656fea16f1f0cf85b958e31d1a5c65febbc17c2fbb981418a17eea024a6a397e0b73451bd9b2868e400a9e1a0d505584

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d13fb4cb3266c3815c31e588f0973e06
SHA1 ac389f6822af27edf85af3785b372d07601e4ab9
SHA256 27c9a05256a3234d56c974d5ce8ad62a8797c82fde02bb8e403369c773d51267
SHA512 040b3ae0873b4fdeeeb4d054e2154f2a17b96d55764c4a0ab26a6381c99b3be6d903a988d27b3a4d2e9a1c8c8dd16e7330e126d5d32772091eca237b5384fd94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 2dad18a2850486b8a9e0300ea3c8146d
SHA1 f1f5011d224317b2472724a34484d087154076ad
SHA256 6c1f5d45b5eef80891d2fa8ca5d2ee5aba365f8248463808ce3d67db8ceaa1da
SHA512 82ece41627450df1663cdc7239871c27f981160a6b7150e17fe6ac56732bf3df7d875c8ee4c274aa151ccbf9ff2861a892d6dc1a94041e347fbaec4a6ac2ab2b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57e9d3.TMP

MD5 d8d193dfae9d86a62bf4e2a8bf9a2426
SHA1 941b4e22960c1b7a60a6513b5cbd80eb46ff0c54
SHA256 9d4a5556cb8e64a237d13bd628b54f540b0a2315ce9c9f5220c51dc6f926f5a1
SHA512 6582ad38a94e1c32ac82516686813e34e91ecfcab99c3d409459d91e716a378ad99bd70098c896ee1419459d0f932bd623ca6d7d0fafda8b4305d048e4657c42

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 515a80f04a3e1d8c949d8a6b9cb7b79d
SHA1 63af5d92b9713323362bd6529a94fe2095e59734
SHA256 9b0cabb77c7ed8107facfc53bad7873ea8ab56278d4fad037f410f2375a96ca2
SHA512 60cea1ba3b96520f4adac9081a3ea1fedd785155df4953099c517f25428a256dcfcb50611c5f774fa9851237c0a50a980d7416214968b5653a8dbc87d2991000

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0320b2030fb8aa9e87c877e4e7d29ae4
SHA1 b5530ad9185adbaa5080bbcf2fcf4bbf724c97fa
SHA256 c45127966d56587cfb03b030a84f1f06e63d14a795f74adb501f1c81c4387942
SHA512 ec1a0ae9b7fc78fa743f39eb99f80fdf6580ab2aeeb8cecbf5347a9827c132bd64bc53ebf165a4e884dd37bfe44ce630c1630afb78be4c70bcf899e1e4cfba1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c2387d413e71ee6c8d958de80d0e42be
SHA1 724c7158d2f01051c87a27d2de4fab9f13e11f5d
SHA256 2fe5b5fa99da242551e1952546601e4c4475bf6025db784429010da03756a1c5
SHA512 5edb4241220bcfd4380911522b56544f0d83191df60bbac804c46dcaa2404c635b95b89bc9820323be3ebf21805ba9bb4d03759ccef34e7985e0f3a6e755ad32

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 84d059b7eb7aabc30aa0d85b0ccdfebc
SHA1 4be5e7eaadb321685f9f878c586a644294e0e23a
SHA256 e84cee55dd11d44ddffb46ea0e0fc54ef66162040443e1339573b795842afa52
SHA512 811d563d37bc44f2984bbe78ea3ba4bf9a033e1fec8e98d539712d1b14c4a37d4b9512dc5a34bb80d0b90fac9876401c51084b14aa1b63390510ad12fa12cd3d

C:\Users\Admin\Downloads\RobloxCheat.zip:Zone.Identifier

MD5 fbccf14d504b7b2dbcb5a5bda75bd93b
SHA1 d59fc84cdd5217c6cf74785703655f78da6b582b
SHA256 eacd09517ce90d34ba562171d15ac40d302f0e691b439f91be1b6406e25f5913
SHA512 aa1d2b1ea3c9de3ccadb319d4e3e3276a2f27dd1a5244fe72de2b6f94083dddc762480482c5c2e53f803cd9e3973ddefc68966f974e124307b5043e654443b98

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 717fe68b3c1706cf4f8de586a54f6950
SHA1 27daab2702060b383893104ac4e9446e7ce0f963
SHA256 47c8c5fb051f08e375630a9108c747df1d55e5eec347e69967c298c8261a7a34
SHA512 abdf4f94564ca68fc2c5093ad2185564ef72bae2a0d6a6ae51b79544e1f8a5d6b863228a6c3a4cfe71d6c3882c7872e3b1ac5adadb1c0c08eb85ec24b2f99abe

C:\Users\Admin\Downloads\RobloxCheat.zip

MD5 5cfa8cca3c97d387dff9a34a00cf6940
SHA1 9836498f7f964ac87b9d3e6139bcd6bc95f77073
SHA256 a5e02eb08c927b425b25b0936f97ca18cfb6f45bd13d6642d1f7912017d11feb
SHA512 837502230ccdf2762c59e127a4ec0ef5c84aafc3538e130b77852e00b539d22623def4b825763da4192ef6e361aa07f2a66423253e69ab1eb348afdb94824060

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 ef54da8e3067ab29f51e260779eb769e
SHA1 7f71604b2b31a28ecd6fe3bb637af287feda4c72
SHA256 a155f32c8ca54928c8f532338b5ac78690a2ac6e9c70481cc016ba1470b3fe1e
SHA512 bc4958ab0e1a0593dfc7abdb50fd35b0f63750a9a3a55d0d6ce4b3dd4603f9df2ea49885988ea51f45e1e08d6054cbae052c488f87bb9fc2af8edd3a753cb59d

C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe

MD5 45a0b3b9f7c4b8ef9fb59e85d9d097aa
SHA1 0b09d3fa3019d85ea92abec3a13bf0ecf29c77a7
SHA256 5ac73044db6c161cac76ae4aa475ae38cf2bf0615f3dbb0447063950ad8ff8b5
SHA512 d9ab53a34c30b292896918390b84753f029ad12cfe3801b6125ebfb3f330a60ed2309241393d07a978340ff18a0ff6036a32c5f86363fcbacb439155378b5f6c

memory/688-456-0x0000000000820000-0x0000000000821000-memory.dmp

memory/688-457-0x0000000000820000-0x0000000000821000-memory.dmp

memory/2816-458-0x0000000000400000-0x000000000044A000-memory.dmp

memory/688-459-0x0000000000820000-0x0000000000821000-memory.dmp

memory/2816-460-0x0000000074F4E000-0x0000000074F4F000-memory.dmp

memory/2816-461-0x0000000005CA0000-0x0000000006246000-memory.dmp

memory/2816-462-0x00000000055B0000-0x0000000005642000-memory.dmp

memory/2816-463-0x00000000055A0000-0x00000000055AA000-memory.dmp

memory/2816-464-0x0000000006BF0000-0x0000000007208000-memory.dmp

memory/2816-465-0x0000000006720000-0x000000000682A000-memory.dmp

memory/2816-466-0x0000000006650000-0x0000000006662000-memory.dmp

memory/2816-467-0x00000000066B0000-0x00000000066EC000-memory.dmp

memory/2816-468-0x0000000006830000-0x000000000687C000-memory.dmp

memory/2816-469-0x00000000069B0000-0x0000000006A16000-memory.dmp

memory/2816-470-0x0000000007310000-0x0000000007386000-memory.dmp

memory/2816-471-0x0000000006B40000-0x0000000006B5E000-memory.dmp

memory/2816-473-0x0000000008850000-0x0000000008A12000-memory.dmp

memory/2816-474-0x0000000008F50000-0x000000000947C000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 9df3444b117bc43dd6e3647359b86ae2
SHA1 69967b44c5f48d5cf168d07bd712acfdefec8770
SHA256 cfa1c0ce65889ddb4a7f0940a2a700711d3c5fd4ef04bbf6f742d09f43de76b7
SHA512 c233b0bbd8949398090d3c84f6f14715b41251583c75ec448dae5f1130db1d382f927756536025d0f0f04dc89b5fa1e72f08205da4107dba32c7f63ea65911b3

C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe

MD5 1c2f46da48f603d559070181e02950cc
SHA1 e76947a7e2c73e6f4a00662076b1878db8330669
SHA256 361e74dedd65309149b8bc6e2e97773b6561ca368ac4c4ff0a6b762e58f4c3e5
SHA512 d3871a649909ae296bfa4d79b349d318cd57ad335b0e51e4fd5c76806d8768d21d8cc67ef8a875fd6c3119e320d02424ab32773a27e711132e2d1522c43ffd8d

memory/2484-482-0x0000000000AF0000-0x0000000000B64000-memory.dmp

C:\Users\Admin\AppData\Roaming\d3d9.dll

MD5 752dcd2a546ec0913dd6a3729d5f7fc8
SHA1 22fe595858776dc9a84e53525440bebd5f8b038c
SHA256 b8b26014f02d06e737a5d02f98d22b54c4f3301534bdbb861cf4dd992bf5b1d5
SHA512 cab53b4349962e44d51782cbcec80dfcb8124aaa05d421818b182f3fce824ec26a097a79cbcbd627b4cddfd3cb158624fd9ae5757683ce6a3bb382c791f9f06b

memory/72-489-0x0000000000400000-0x0000000000452000-memory.dmp

C:\Users\Admin\AppData\Local\Temp\Tmp7725.tmp

MD5 1420d30f964eac2c85b2ccfe968eebce
SHA1 bdf9a6876578a3e38079c4f8cf5d6c79687ad750
SHA256 f3327793e3fd1f3f9a93f58d033ed89ce832443e2695beca9f2b04adba049ed9
SHA512 6fcb6ce148e1e246d6805502d4914595957061946751656567a5013d96033dd1769a22a87c45821e7542cde533450e41182cee898cd2ccf911c91bc4822371a8

memory/72-507-0x0000000006900000-0x000000000694C000-memory.dmp

memory/72-510-0x0000000007540000-0x0000000007590000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics-active.pma

MD5 c806c4473f82ec409d0d01281513adc3
SHA1 a2a0d2dea8fb5429c8eb339d7504936db8b7ed95
SHA256 92cd61a571d3eb9dbff4319c293faf68a9a0960bd7efac19cd413df10d0b325a
SHA512 febbaad04eaa215c13f624905fa79c93f04057432895a67e93a41343fcbd02da3424713c62b068429d75a6833981c54f1dfa2df81d9d5ec891ab40fdd5bb2895

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a221ba85a099cd1c9cd8faf691848990
SHA1 6fd753d830a866466e1e67a84d36b071cb213714
SHA256 f105c56ad14ccd2eab3d7df620fb07a4a6537e028d28ba4e5a6c7e657ce358eb
SHA512 32c313a1831207b095565410a9654d15c27450a727cda58ebf1940e27aa9baf8f7437286915635ecc8f6b0e404d9a902debd7411a97d5d0d5c3bfeb2e09f1604

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 009b9a2ee7afbf6dd0b9617fc8f8ecba
SHA1 c97ed0652e731fc412e3b7bdfca2994b7cc206a7
SHA256 de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915
SHA512 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001e

MD5 bd8399e5deabd4848a5855c97c8659b0
SHA1 eff2a1279da31980f79d14d1f915dee0e0e94bca
SHA256 3c4a1be964d7a48d510d26f5139e856f2c350de7227b933a6e9472f2e4d027b3
SHA512 4bf345c17cf2826686130cf0b7ba7c6ba384ad7f39c4b2a2b843620993b83960e8451120c3a3d525ecf2f98fc4eb9d0e0de510b0f6bdf18526c00121a059aba7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

MD5 ffc76066cf13ee42ad105e0a5055ddff
SHA1 da7fbeef596f0a4794144fbb53cf04445d2cef9d
SHA256 6c854003bb394f14b8018ab8ed65112cc05d9e4c0a604b973ac2656a32e45c16
SHA512 710285129f30f3a4dcab8b09327bb9c78839e9ef1ee14a66b555edd24190b7b5aba10dc9b92e0e744764804385992cf880ecec923cc488bb1380ad06cc64f5c7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001c

MD5 616c1973b45ab0caa0d73f9b607056e3
SHA1 c04f0e9092d42d6daf7705674708dc27ec1c2daf
SHA256 5fabae6da87e6e43179198700e41fdf9a4b15fcc23de7741c75462d5d96140b1
SHA512 59728e7eb97e250c6f7a4b5e0440d3e53943b8928f75933843fa8dc7d49bbfd3deb8c87271c56023aacf10af765e77866f7d5c064948391af69c5aea3901ae0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 e37ff0d4416a8481f3aeb89420492e16
SHA1 06f80ba46de90e82bcf70554085c4a0fd3ae7e3f
SHA256 b1557195bd8756b03e934fd9c844925fab35abc621688ca41cdd9040d5cf1d1d
SHA512 bb5cb5261d2aebed208b70e192cfdd792159d483344e2cb6291d06888c6aee9a69e85ee89f1e77751df771fc5c02106e1cd4649252082d3c0def5fb55850c1dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 0bed0ce2e43ffc999880634c5c029115
SHA1 00fc8d181fd50f1d16ea275d3db7e784a7f879fa
SHA256 6f7ef2c1e63593b6356b042954ba14113e45c3c24d9804fe4a201b1a9edd8bf9
SHA512 99a3b57c8875f1a79a14ae29b31a5394a58d1e1cbf6bc3029d57badebea45a83612f97351001e0545384d2d74672da3f422876fc3ec648d68b9692de88e2b429

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000019

MD5 6d7ab6ba440b21cdb7cdce9fb799cc9d
SHA1 0736a6401f434fe263267cade65f674e07f6b4fb
SHA256 87e6ef2c93a1b4d36d3677e09e481eb63d1e506ee39cd290d32284b55d7021be
SHA512 87308d6422a3785872f275ec36ffb5afc2370e38655d3f36ea4eaf1a9e2946c5f9095fd9842d7eacda090c198100cf278a3b64bb5f6cb34b312ae8689ba22a4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000018

MD5 4947987831bf03f78a44e7b3328eec66
SHA1 6894b118c693744cb326673c7a9f3aee6fd5430a
SHA256 feaa8eca71ae4230e3d7d0e87b9852285cdfe0c78cee5cfee04406b3c6e7ae3c
SHA512 5d6804104992248a237bd6d062b2be83a510a793b817802880cb6161084a4fc34c0fa0a6a8e8ab3ec3d5b0ec98fde012cd71ee5e39075167246aa72bd362c3b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000017

MD5 06700125f8b3da787df060e4f81c2095
SHA1 8c6b18e808368d51cdcd91344829c9f491736a1e
SHA256 2f8b7804c3bd4100ccbe650a2b2421880836c85c2ccb3dcc92bb0b375c24bd76
SHA512 628cd5f70ba1a1feecace21f9371b05039615e41ba13426651d609c28ed10b48be5059415d05fbc39058e3c2f3a57c236ce07fffeb4dc097458ec5b567c96062

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000016

MD5 a0fe23f5cf1b858b4ae95ddfdb03cf93
SHA1 6e47b52bb0d8f21521fc120c9ba074bde2ad8ccf
SHA256 1533aced32926c29d1ec3c3eb6f71a8d42243f55a4ada190431182cfb43733e0
SHA512 b64bfe47f84aeada4af38501358ccbf1f45fea71883cbaeec0fcde2e1a3ed7a9b8260ae8fa4b9a5501fb86f055d81c275c212d4446a09247dee967c36cb11475

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000015

MD5 6b864f27fb9b007ada4f575edd525ab4
SHA1 4861d60b79a7569a02335232a4a721ac3bd7c54b
SHA256 02f8bd29ae254b5122e920c53f13175844a186e0ced3e8cd417d09f5837f27f8
SHA512 69c0a05d473593fe80db1281b41aaf87aa8c09c23e835c3788e0d153434e8c60dcf1d39bad65380c28b416462e46c3c4e514d40f2cbc2ff92a46a6f5fc4d3920

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

MD5 d32e36e9b1024ec2467edd585638da0e
SHA1 8defcc5e5a34a37b5c60ea9fa0c79d81361e038b
SHA256 e5867fbba21bc439860430837f2297cc6b91fbfb2df73023e8fafd538ee6ae13
SHA512 4c5a9cde0673126158af5ce7ca98fe69734584d64bb81028d9e225e8c65023b7698d40ac31cd27561bd528f60d8acf59e48d5038fcae3dad475b954ce8257b6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

MD5 be4576d86b310308718b014834f5831a
SHA1 bfd90a0ee5feb66d0e50c906f2f955a4a24eb4ef
SHA256 e3ab38217a28f40bfe948a218d9e5e77baaf44a19b0bfdb87c787162fef31dee
SHA512 80f27a36a560dccdd4aa4fa7101a2051a35c378de15b22e957937b8e1a55fb56595bca786598ddcc126fc7f3f13019c76475c5ed0f081f303c208139820c4f41

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

MD5 156f2c895a9e8e2b58c99c65b3cde515
SHA1 d2178ab957070c4bda9c8fc0b136860f1db4d796
SHA256 666adeec98193f889cd602c1475d0c82896fe9b6c0a59b24da6fde8da92e036e
SHA512 440fd7e19023727d67a2dd0543c28606bc3f547ff4abf60193026433be15b616f7cbfe3876fc1fc0bfa4340b5dd0d7647668c2960963e46cfad5dda420becb1d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

MD5 de0f0d7974c5803c90dc4afbe8223ef5
SHA1 ee1af9ea76d48fc1f55ca61b0bf8ada2c2a837f8
SHA256 fea971bc7aa825cc665e84826ae470cd89517404e346adec5fbc0f6ef84d1e2b
SHA512 b50c2a111018a471a8b8920087e6b2c4608deced3f9381f8608204562b23499365bbfe724ba2fcc859e000b1a243e2689dd4e49f5ea4dfdd872ad665b926fab7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 87e8230a9ca3f0c5ccfa56f70276e2f2
SHA1 eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7
SHA256 e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9
SHA512 37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 840b59a1cbb6c0b6f6292574d120017b
SHA1 4bac6bd601e40529a1bc586d5e3b5881acd3807e
SHA256 f228b83665b7bf728b44d5ff0e78f8e873eceb6a7b0f20d33484414c2e483d46
SHA512 d0922e9cd0cbfdc3613366afcd09279bb005a504caf30bf10747c27114d050bf0bccf09a16f4cf9b22b32ebe477e7b05588378e45071b76e548d62cf0356b298

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 660c3b546f2a131de50b69b91f26c636
SHA1 70f80e7f10e1dd9180efe191ce92d28296ec9035
SHA256 fd91362b7111a0dcc85ef6bd9bc776881c7428f8631d5a32725711dce678bff9
SHA512 6be1e881fbb4a112440883aecb232c1afc28d0f247276ef3285b17b925ea0a5d3bac8eac6db906fc6ac64a4192dd740f5743ba62ba36d8204ff3e8669b123db2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 cda10c5dec516032951f718d0974d9bb
SHA1 300ce860ba7aa1f31a5283178007f8256cb29f3e
SHA256 fa455ac4a0f6fe33d6e0bd176eb9f9c814763b0957b5f18129caaa0809e0360e
SHA512 ca986c383b8532a8f5cb4d2a6cf5e55100b4caebe2c286a50188a14cd6c9a1658afedc0d9fc2b4a3e247127746ac320d608cd408babd1bd9c133985b567bb3ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 98dad24ab1644390bb32966a677a2511
SHA1 83f71e99c69bf02736d80adcd052fee10ca7b5ff
SHA256 323fbd72c9aa0155278ad1cf46dbead90a29dd48b74b38ee764f08f3c261ad48
SHA512 968b6b111458898d3f44e3209d5430c4c381bbdbb5b35c23e544f9b1c65c044f41d7d7f294e4d36a3f7710fd4f108a0792a2af0cbf52bfbf80633485cf025420

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

MD5 f998b8f6765b4c57936ada0bb2eb4a5a
SHA1 13fb29dc0968838653b8414a125c124023c001df
SHA256 374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef
SHA512 d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 015c126a3520c9a8f6a27979d0266e96
SHA1 2acf956561d44434a6d84204670cf849d3215d5f
SHA256 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa
SHA512 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 f785f43e3293564019ebb6507960fb45
SHA1 100e4100693e84097f1e441e0aeac030af0d6e6d
SHA256 e3321c1359990e75f29b8676c449719fae1b545d89506cca3c280de1ed5b2736
SHA512 d4d30c850657f9e5fea15d3f81cdf816ae5908f7678a91eb571cf9d95443f18517bfb2c4bb78cbc19196e65a5a01df52b35ada444f5450d5222d05e8aa3f7021

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 947b7b96c830b83cc2f06bb27f4be73f
SHA1 a221e5919af446393acc428b9a781b413f7776ea
SHA256 82cbfb11944684c9199402b1eacc05984d105c872517082ba25b2c74ec0e4944
SHA512 b2e3eed0274b1a7689b6a7a94778e7534f121c94d50a43e8bada832be5785e3ad1dcf8f150750485dd323a1d64a609880d2d19bd0867312a25bdbfd1e9347d91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 79cbf5b6645638246cb94c0fe4b59bc7
SHA1 7edc0b05ee0d9e945f74742e46c20cc83de2b3ee
SHA256 2dc8cb2fe5802944f5a378daa649ccaee14ce3025b76447824c75eb26fa78936
SHA512 9e7a5efa1a0d6ceebae3db6c90b2c0bf59162fbe6dce5b7695dc46636fb7bc631dacea71c5e4cd8c1192a610a23ce4d8e154eb26c9423917bf69a056ec640dd7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 d989f35706c62ce4a5c561586c55566e
SHA1 d32e7958e5765609bf08dcdefd0b2c2a8714ce34
SHA256 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716
SHA512 84b9347471279e53ec5f151caf47fd125b9c137d4bf550a873c8f46e269098ea5e2882b1dc1fe3b44095308df78f56d53674928f44a1e76d3bd7dc9d888d91dd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 6e2df673cf4661a6709df74b340a712e
SHA1 78951ef50dd7d443f8480af8c8cbe8f2a00aba5e
SHA256 5adbc8850a787767d3726dc34e3cc71f4d91382f2392a34ca9c97f7aa411f182
SHA512 8ac2e49e092f03ede6cedb19418c4654b12449bfc4b34d4ef1009f74b171f4ff244f0fa0b4999e99b257eef2c8337e8e87b1a803030c986da3f3a3b198f51fdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 6a745483628de9f879c5e04eba285b7d
SHA1 d149541264fb316d88b939de39436eea0f78cab1
SHA256 569f981bb2e1382943be8dcb3330ee418c64934d32ecf0780536c49ee6119ad3
SHA512 1dd0b6684b733248be825d5ab6a682786317568bbb25438a21aa4236111245c118120dac1be0c7aa1bf9c3a112ee9f04403d21f4fb772683390ca0302649c8ae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 98531979a7b2db436e70536c654b6767
SHA1 8471a6bef1095c8e5f4328e2a0bb6a9e8b0c82c9
SHA256 dd9d02f271cae3c50360e9fcf82d244b16df7b164d3e313284580e6e14d9ca80
SHA512 b39dfed7ac19fba167d599fa452e3958028371450ccbde90cb4a14017003ed3675c978ab0ee5b7da0fd013c4c08d45e7c5a1d7d6e0a349cb0e59a32beffd1fe3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 5fe006329fea3bc9a579c255e647e849
SHA1 833a93bb46cbe782fc6e8268d9bf9954e7e91b36
SHA256 b4f29b93ac0a1a4cdc3f733bcb4102c2447f20298fddc094d4c96764206b8678
SHA512 cc9cfc60a8b66e1517a637c12f610199cdcd85829be86524f0f87834f1fabdf179fa101d20cf9309cf52702fee00a913662384d10f5c26096ae27933415fedf6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 18dcbd63eb28e25395fc659981b4a199
SHA1 86de017e4d488ff17e5dc690c9eda83a2abcd8ce
SHA256 99ed6f915575ba7fc803f67c77b7400a554e2b8378693652cc90c9cffa08c853
SHA512 4057d37598a9ae8acf47deb7d519793ef7931572d55c291cddad5a2b7c8340cb27528866d98f1140108785db31899a64a03c91488413295627bc861eff1e191d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 4a9e7ba806daf3276f0e056e2584a5a1
SHA1 2251317cd64d3c426de6ba0770c05dd5223ebe33
SHA256 dee36273e34b798edc7ffa038c4c3edd4cd64cd601cc77fd42628a09dba9c3e6
SHA512 72f8027a54a7f594dc0548358e442b8a5cc03ab2623af8d4183e7822c4abe6a0baed62a64721a3010503aee87b3cc472f1482442eb8356d3387fccbec24b4a44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 a22a7fe39fa95aa889f2b6fd55af09be
SHA1 46c0f2fcd146cbe773a8bcdf4827692166de5639
SHA256 abfeb3882ffd1b50530cc033509b6920c6ff5129181a1b80126cf155349a89a0
SHA512 f1c8a1265d4290bac25e96a4f50f7490d1a526ddfc3af03a9b25e05eb5dd8b74adf4f4d94aac20d463e9eb29d877667723dd7c31f4235eeef54f66ab2414376a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 0890adf407517eb158091efe3d60c927
SHA1 eb8fd61b6eb7b1e34868b50c6b13a0521fe8ddff
SHA256 537eafc470f948968851ef5e3929703188aaee13357d4df4f49f95b23ea8b53d
SHA512 6a4456c1cf88a8fefd8577161083e856827af3e7413da986458751716cd920325d3b14112f48a7213c3731b09f3c5b128487456fc5ff1e5cae2d269a286222e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2e52659f14ba4ed44679155cf3063292
SHA1 0713bd3699851751168b71a64253aebc0abdc742
SHA256 a31aa795f457d498b8c856c09c70fbc2107e77b98642a84096938ca8a065a579
SHA512 a77bf1bbf5c2c78085b6ed4e292c6627745a29af29936774aabf26eea2913a1ad096450d58a66e5ab67eb8d8d4d44af8d1bb254d57b6b8e47c9800b7dc3d1db2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a45f421a76a93eb00d89ee4675a27d24
SHA1 ed57101ec77453e47f53b77f54fb1c19d556f116
SHA256 3b2a75398fc9331c7c7bf5cb82f6fd2350a00e94bc0a3b0ffd3635aeb60b4e7c
SHA512 250008d65f41244c02244611ca6c4505338e8978f56c5a07d3b2f635ee15aef59a936cac360236a115183846c96a679fd909bdd19ebb0caa61e966c7b5f9b6ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 af0e757a50df14ef12e92e8d136a4cd1
SHA1 df386b4f39a020e875d498ab78c9eff8cc970d03
SHA256 14a3fe27494c5d44b8b1926b102a639c3612475ff94fe1dc71e182fe20097b89
SHA512 4004e6db74dd7303e7844bd4aa8202fb273337910f238f02713251ac06f4f033a06a6fdd39bb10eb72b034bebaa11e5572a2dccdbeef89c0adc43e4ffc8cea24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 3644fa185f96d38ae927ecd42f629444
SHA1 dcae9aa025a3ad5999aa86a41eb6699a95472d13
SHA256 588aed95d5697719d30aea7060935cfb46c850d619d1957f320c3e89461bf0a9
SHA512 db6498616ac118be173362d5db3c6edc1f303e48ea3f89f76727ce736f6b7cdd27370f06fae0e1631e0c2c9e643a52cf7729b189989d2f3d83043d6f22dc0320

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 993afde012824678362c96f4fc1f1e9c
SHA1 246a12a63a751ce625503fcc725f71aa72045eb3
SHA256 4ecaf5723ddca6dc0462a0c6450cf752644b984923af86943faf3498771c79e5
SHA512 f81155781df1dd09133fc5ed5bec8ef8278e994870f6972bc83ad28724836af04032519d04fec47818503f220ac9c4f2ad73fbd85fd103295b6de2fee7166676

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1e5d1f8dd3936b472e96ecd1dd7e7a82
SHA1 3017e6852e69e3f9b43cef2d2d2ffff135808b3d
SHA256 6e671420126afae6e88e4c82f4d25851e53c79a156042c9ac2ab7007e5837513
SHA512 48e35f794d09a767052910832d3bf28643835592bb4965d14e8a642d72376fa5be62b3ed90bdf9bbc17ab2bff2face55c149d8f7a06003fe213f2640e98cdc2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 77eda32b9bed41d49fae68891ebbde84
SHA1 a79465db66fad5a50b72eff025d31db24711ec79
SHA256 319780d30f37de70c94e75802b2cf7d59144cc9b34b6cec78eea1827ba5ddf2a
SHA512 ff5cf88f25ea0e383ededbdc209d411cf06c72027fb3787bb9a1a088c44b132e186b6b9c7cb60c7efb090e127fa41424cebc58a7838bda700d325e986091e494

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b6bf5.TMP

MD5 2dabe83e6558a6d0699667dd3a1ea34d
SHA1 e62fe4fa4a131062b0a721380674119a8fdca040
SHA256 88b10619fd1be46cfe6ce1c7a41e8c4ae2e2014aca3e5cd264392444d55c26f6
SHA512 71b1a3e2407b812ac9061520d4f11494759b2cbb893d2d592e43cf2863d9678f901b91a74b8f9723ea04c32c4386a49f450a75f0c3438aa71a44f8339d6f82f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 bbd768af28f7eec9d4728964d79d7144
SHA1 304b7c899276b53cf967f0660c20ab204e8f864c
SHA256 edb5700e0c92d8589ddb4c90fcbeaaa47127c4dfe74b75d13d1c8affae56a56e
SHA512 5751974292d6678c25157b1c1a8bab7eb789c9c2d8b5ff60a0e55e1d3b80a4506a067a0a8d7f3686f9b9c20dff14598d0f2edf0fed7a6f4a393243fb7dfe917e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

MD5 1fc15b901524b92722f9ff863f892a2b
SHA1 cfd0a92d2c92614684524739630a35750c0103ec
SHA256 da9a1e371b04099955c3a322baee3aeee1962c8b8dabe559703a7c2699968ef4
SHA512 5cdc691e1be0d28c30819c0245b292d914f0a5beaed3f4fc42ac67ba22834808d66a0bfc663d625274631957c9b7760ada4088309b5941786c794edad1329c75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 087fe108f276dc2250bb968aba369077
SHA1 e3847359bd0af543fde280c096fb6f22c860fdec
SHA256 4f53dd2f5567cee0e97810ea63f55959afbd6285be29c1602a6e1af25637a057
SHA512 c2a15af9f1119053a9faa8cd231b43989108b78932c8cae8a312fc4368d898c9ef81b66fbf377a85a56a6b88253064e672414e90451d27f0ae8061cc27d3f3f9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 557de6c0418080ede9fe51705cd2ae6e
SHA1 ef734608489b01282f6eb6392cc71b8b8a56f85a
SHA256 28fc27ac9c15d7e52064b8c43509280bb4b13667c1e2a28325ee87ed9da894e3
SHA512 26446c69501009b30e4a3e922f8e82fb4fa22fda54ce3e8cd2a5b4f2bd0ea27d0fcc8c2a594fdd77d7df68dc158b508760b9deff3beba7f5f714719d6fc74ca4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 25d00144ba3087e1acd5349d441fbd40
SHA1 64debc339e72295a1a484fe448175397e357fc93
SHA256 81192f504184fe66aed79b85ad51dbb240644d8e2d53b7da1eea95a9b49dc6f5
SHA512 e112c1129b6428725495d1b45c549da5c22423dc019ba76d063147951c2d7617124e39ba57044a297cc0a1ced567c4e0d15e13e430043ba26b063855dd890dc9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7d0c2857f8dcf0f4c28b0690d1c28d15
SHA1 dd61ba2bb4ca42b07ab30963e10fd0ea6e4c6c29
SHA256 21f53743a0ba2b9978aaa14a91e06f5790ef82650bf44bd91ca4f6231c9c9ae9
SHA512 e54b30fdeecc78327b001f203ed3107da7dd80e4bbfe516e111896810d34cb4891f2207867cee9c90c27772b8ede8a8659d4c0dd310e096008567795cb0ab9eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 99c3967b520af2dce74bacf068a0d234
SHA1 e930f674b49cd78a4b02d9e3a99e66ab8505bf2d
SHA256 7612e58bb394131c344e91504c4794c3119544b583979170555ebe9196d555c1
SHA512 47beb52792b3c3b78961e4375ed4b1bc760dd72f3ceae984228427d423c0d9396771f4fc733c1e5f1cf00d4a921aa0b062ed605135b8fd7424d63a008876c174