Analysis Overview
Threat Level: Known bad
The file https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFY1N2ZWTDlkOXhQYmU1bl91eTBxTVQ0aVRqZ3xBQ3Jtc0tsY0F1eEd4QkFFLWpBZ1RwU3VUdG1MS19qRmxPeXZ6cjZLdlhvYnFhQzBfSnQyR3pIY1h1alZWSURxbWkybzhEQnlULW0yclI2aTNzaDVUcmtDbzZpdUpuNW5EUEZHYVNaMUJiZWFpVmRRaXZNcmJ3bw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fikh6skoi11jf8%2FROBLOXCHEAT&v=RBWNRTMZduA was found to be: Known bad.
Malicious Activity Summary
RedLine payload
RedLine
Reads user/profile data of web browsers
Loads dropped DLL
Executes dropped EXE
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Suspicious use of SetThreadContext
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Modifies registry class
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
NTFS ADS
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported: 2024-05-21 18:21
Signatures
Analysis: behavioral1
Detonation Overview
Submitted: 2024-05-21 18:21
Reported: 2024-05-21 18:28
Platform: win11-20240508-en
Max time kernel: 400s
Max time network: 405s
Command Line
Signatures
RedLine
RedLine payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe | N/A |
Reads user/profile data of web browsers
Accesses cryptocurrency files/wallets, possible credential harvesting
Checks installed software on the system
Suspicious use of SetThreadContext
| Description | Indicator | Process | Target |
| PID 688 set thread context of 2816 | N/A | C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe |
| PID 2484 set thread context of 72 | N/A | C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe | C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133607893252849475" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
NTFS ADS
| Description | Indicator | Process | Target |
| File opened for modification | C:\Users\Admin\Downloads\RobloxCheat.zip:Zone.Identifier | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbFY1N2ZWTDlkOXhQYmU1bl91eTBxTVQ0aVRqZ3xBQ3Jtc0tsY0F1eEd4QkFFLWpBZ1RwU3VUdG1MS19qRmxPeXZ6cjZLdlhvYnFhQzBfSnQyR3pIY1h1alZWSURxbWkybzhEQnlULW0yclI2aTNzaDVUcmtDbzZpdUpuNW5EUEZHYVNaMUJiZWFpVmRRaXZNcmJ3bw&q=https%3A%2F%2Fwww.mediafire.com%2Ffolder%2Fikh6skoi11jf8%2FROBLOXCHEAT&v=RBWNRTMZduA
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\Downloads\RobloxCheat\" -spe -an -ai#7zMap12775:84:7zEvent198
C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe
"C:\Users\Admin\Downloads\RobloxCheat\SoftWare(1).exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\RegAsm.exe"
C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe
"C:\Users\Admin\Downloads\RobloxCheat\SoftWare(2).exe"
C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe
"C:\Windows\Microsoft.NET\Framework\v4.0.30319\MSBuild.exe"
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
Network
Files
| MD5 | 98dad24ab1644390bb32966a677a2511 |
| SHA1 | 83f71e99c69bf02736d80adcd052fee10ca7b5ff |
| SHA256 | 323fbd72c9aa0155278ad1cf46dbead90a29dd48b74b38ee764f08f3c261ad48 |
| SHA512 | 968b6b111458898d3f44e3209d5430c4c381bbdbb5b35c23e544f9b1c65c044f41d7d7f294e4d36a3f7710fd4f108a0792a2af0cbf52bfbf80633485cf025420 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | f998b8f6765b4c57936ada0bb2eb4a5a |
| SHA1 | 13fb29dc0968838653b8414a125c124023c001df |
| SHA256 | 374db366966d7b48782f352c78a0b3670ffec33ed046d931415034d6f93dcfef |
| SHA512 | d340ae61467332f99e4606ef022ff71c9495b9d138a40cc7c58b3206be0d080b25f4e877a811a55f4320db9a7f52e39f88f1aa426ba79fc5e78fc73dacf8c716 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | 015c126a3520c9a8f6a27979d0266e96 |
| SHA1 | 2acf956561d44434a6d84204670cf849d3215d5f |
| SHA256 | 3c4d6a1421c7ddb7e404521fe8c4cd5be5af446d7689cd880be26612eaad3cfa |
| SHA512 | 02a20f2788bb1c3b2c7d3142c664cdec306b6ba5366e57e33c008edb3eb78638b98dc03cdf932a9dc440ded7827956f99117e7a3a4d55acadd29b006032d9c5c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | f785f43e3293564019ebb6507960fb45 |
| SHA1 | 100e4100693e84097f1e441e0aeac030af0d6e6d |
| SHA256 | e3321c1359990e75f29b8676c449719fae1b545d89506cca3c280de1ed5b2736 |
| SHA512 | d4d30c850657f9e5fea15d3f81cdf816ae5908f7678a91eb571cf9d95443f18517bfb2c4bb78cbc19196e65a5a01df52b35ada444f5450d5222d05e8aa3f7021 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | 947b7b96c830b83cc2f06bb27f4be73f |
| SHA1 | a221e5919af446393acc428b9a781b413f7776ea |
| SHA256 | 82cbfb11944684c9199402b1eacc05984d105c872517082ba25b2c74ec0e4944 |
| SHA512 | b2e3eed0274b1a7689b6a7a94778e7534f121c94d50a43e8bada832be5785e3ad1dcf8f150750485dd323a1d64a609880d2d19bd0867312a25bdbfd1e9347d91 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | 79cbf5b6645638246cb94c0fe4b59bc7 |
| SHA1 | 7edc0b05ee0d9e945f74742e46c20cc83de2b3ee |
| SHA256 | 2dc8cb2fe5802944f5a378daa649ccaee14ce3025b76447824c75eb26fa78936 |
| SHA512 | 9e7a5efa1a0d6ceebae3db6c90b2c0bf59162fbe6dce5b7695dc46636fb7bc631dacea71c5e4cd8c1192a610a23ce4d8e154eb26c9423917bf69a056ec640dd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | d989f35706c62ce4a5c561586c55566e |
| SHA1 | d32e7958e5765609bf08dcdefd0b2c2a8714ce34 |
| SHA256 | 375dfe942a03ee024b5cc827b3efda5550d13df7530281f50862ce3b33fcb716 |
| SHA512 | 84b9347471279e53ec5f151caf47fd125b9c137d4bf550a873c8f46e269098ea5e2882b1dc1fe3b44095308df78f56d53674928f44a1e76d3bd7dc9d888d91dd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | 6e2df673cf4661a6709df74b340a712e |
| SHA1 | 78951ef50dd7d443f8480af8c8cbe8f2a00aba5e |
| SHA256 | 5adbc8850a787767d3726dc34e3cc71f4d91382f2392a34ca9c97f7aa411f182 |
| SHA512 | 8ac2e49e092f03ede6cedb19418c4654b12449bfc4b34d4ef1009f74b171f4ff244f0fa0b4999e99b257eef2c8337e8e87b1a803030c986da3f3a3b198f51fdf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
| MD5 | 6a745483628de9f879c5e04eba285b7d |
| SHA1 | d149541264fb316d88b939de39436eea0f78cab1 |
| SHA256 | 569f981bb2e1382943be8dcb3330ee418c64934d32ecf0780536c49ee6119ad3 |
| SHA512 | 1dd0b6684b733248be825d5ab6a682786317568bbb25438a21aa4236111245c118120dac1be0c7aa1bf9c3a112ee9f04403d21f4fb772683390ca0302649c8ae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 98531979a7b2db436e70536c654b6767 |
| SHA1 | 8471a6bef1095c8e5f4328e2a0bb6a9e8b0c82c9 |
| SHA256 | dd9d02f271cae3c50360e9fcf82d244b16df7b164d3e313284580e6e14d9ca80 |
| SHA512 | b39dfed7ac19fba167d599fa452e3958028371450ccbde90cb4a14017003ed3675c978ab0ee5b7da0fd013c4c08d45e7c5a1d7d6e0a349cb0e59a32beffd1fe3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | 5fe006329fea3bc9a579c255e647e849 |
| SHA1 | 833a93bb46cbe782fc6e8268d9bf9954e7e91b36 |
| SHA256 | b4f29b93ac0a1a4cdc3f733bcb4102c2447f20298fddc094d4c96764206b8678 |
| SHA512 | cc9cfc60a8b66e1517a637c12f610199cdcd85829be86524f0f87834f1fabdf179fa101d20cf9309cf52702fee00a913662384d10f5c26096ae27933415fedf6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | 18dcbd63eb28e25395fc659981b4a199 |
| SHA1 | 86de017e4d488ff17e5dc690c9eda83a2abcd8ce |
| SHA256 | 99ed6f915575ba7fc803f67c77b7400a554e2b8378693652cc90c9cffa08c853 |
| SHA512 | 4057d37598a9ae8acf47deb7d519793ef7931572d55c291cddad5a2b7c8340cb27528866d98f1140108785db31899a64a03c91488413295627bc861eff1e191d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links
| MD5 | 4a9e7ba806daf3276f0e056e2584a5a1 |
| SHA1 | 2251317cd64d3c426de6ba0770c05dd5223ebe33 |
| SHA256 | dee36273e34b798edc7ffa038c4c3edd4cd64cd601cc77fd42628a09dba9c3e6 |
| SHA512 | 72f8027a54a7f594dc0548358e442b8a5cc03ab2623af8d4183e7822c4abe6a0baed62a64721a3010503aee87b3cc472f1482442eb8356d3387fccbec24b4a44 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
| MD5 | a22a7fe39fa95aa889f2b6fd55af09be |
| SHA1 | 46c0f2fcd146cbe773a8bcdf4827692166de5639 |
| SHA256 | abfeb3882ffd1b50530cc033509b6920c6ff5129181a1b80126cf155349a89a0 |
| SHA512 | f1c8a1265d4290bac25e96a4f50f7490d1a526ddfc3af03a9b25e05eb5dd8b74adf4f4d94aac20d463e9eb29d877667723dd7c31f4235eeef54f66ab2414376a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 0890adf407517eb158091efe3d60c927 |
| SHA1 | eb8fd61b6eb7b1e34868b50c6b13a0521fe8ddff |
| SHA256 | 537eafc470f948968851ef5e3929703188aaee13357d4df4f49f95b23ea8b53d |
| SHA512 | 6a4456c1cf88a8fefd8577161083e856827af3e7413da986458751716cd920325d3b14112f48a7213c3731b09f3c5b128487456fc5ff1e5cae2d269a286222e8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2e52659f14ba4ed44679155cf3063292 |
| SHA1 | 0713bd3699851751168b71a64253aebc0abdc742 |
| SHA256 | a31aa795f457d498b8c856c09c70fbc2107e77b98642a84096938ca8a065a579 |
| SHA512 | a77bf1bbf5c2c78085b6ed4e292c6627745a29af29936774aabf26eea2913a1ad096450d58a66e5ab67eb8d8d4d44af8d1bb254d57b6b8e47c9800b7dc3d1db2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | a45f421a76a93eb00d89ee4675a27d24 |
| SHA1 | ed57101ec77453e47f53b77f54fb1c19d556f116 |
| SHA256 | 3b2a75398fc9331c7c7bf5cb82f6fd2350a00e94bc0a3b0ffd3635aeb60b4e7c |
| SHA512 | 250008d65f41244c02244611ca6c4505338e8978f56c5a07d3b2f635ee15aef59a936cac360236a115183846c96a679fd909bdd19ebb0caa61e966c7b5f9b6ff |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | af0e757a50df14ef12e92e8d136a4cd1 |
| SHA1 | df386b4f39a020e875d498ab78c9eff8cc970d03 |
| SHA256 | 14a3fe27494c5d44b8b1926b102a639c3612475ff94fe1dc71e182fe20097b89 |
| SHA512 | 4004e6db74dd7303e7844bd4aa8202fb273337910f238f02713251ac06f4f033a06a6fdd39bb10eb72b034bebaa11e5572a2dccdbeef89c0adc43e4ffc8cea24 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 3644fa185f96d38ae927ecd42f629444 |
| SHA1 | dcae9aa025a3ad5999aa86a41eb6699a95472d13 |
| SHA256 | 588aed95d5697719d30aea7060935cfb46c850d619d1957f320c3e89461bf0a9 |
| SHA512 | db6498616ac118be173362d5db3c6edc1f303e48ea3f89f76727ce736f6b7cdd27370f06fae0e1631e0c2c9e643a52cf7729b189989d2f3d83043d6f22dc0320 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 993afde012824678362c96f4fc1f1e9c |
| SHA1 | 246a12a63a751ce625503fcc725f71aa72045eb3 |
| SHA256 | 4ecaf5723ddca6dc0462a0c6450cf752644b984923af86943faf3498771c79e5 |
| SHA512 | f81155781df1dd09133fc5ed5bec8ef8278e994870f6972bc83ad28724836af04032519d04fec47818503f220ac9c4f2ad73fbd85fd103295b6de2fee7166676 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 1e5d1f8dd3936b472e96ecd1dd7e7a82 |
| SHA1 | 3017e6852e69e3f9b43cef2d2d2ffff135808b3d |
| SHA256 | 6e671420126afae6e88e4c82f4d25851e53c79a156042c9ac2ab7007e5837513 |
| SHA512 | 48e35f794d09a767052910832d3bf28643835592bb4965d14e8a642d72376fa5be62b3ed90bdf9bbc17ab2bff2face55c149d8f7a06003fe213f2640e98cdc2a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 77eda32b9bed41d49fae68891ebbde84 |
| SHA1 | a79465db66fad5a50b72eff025d31db24711ec79 |
| SHA256 | 319780d30f37de70c94e75802b2cf7d59144cc9b34b6cec78eea1827ba5ddf2a |
| SHA512 | ff5cf88f25ea0e383ededbdc209d411cf06c72027fb3787bb9a1a088c44b132e186b6b9c7cb60c7efb090e127fa41424cebc58a7838bda700d325e986091e494 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5b6bf5.TMP
| MD5 | 2dabe83e6558a6d0699667dd3a1ea34d |
| SHA1 | e62fe4fa4a131062b0a721380674119a8fdca040 |
| SHA256 | 88b10619fd1be46cfe6ce1c7a41e8c4ae2e2014aca3e5cd264392444d55c26f6 |
| SHA512 | 71b1a3e2407b812ac9061520d4f11494759b2cbb893d2d592e43cf2863d9678f901b91a74b8f9723ea04c32c4386a49f450a75f0c3438aa71a44f8339d6f82f5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | bbd768af28f7eec9d4728964d79d7144 |
| SHA1 | 304b7c899276b53cf967f0660c20ab204e8f864c |
| SHA256 | edb5700e0c92d8589ddb4c90fcbeaaa47127c4dfe74b75d13d1c8affae56a56e |
| SHA512 | 5751974292d6678c25157b1c1a8bab7eb789c9c2d8b5ff60a0e55e1d3b80a4506a067a0a8d7f3686f9b9c20dff14598d0f2edf0fed7a6f4a393243fb7dfe917e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028
| MD5 | 1fc15b901524b92722f9ff863f892a2b |
| SHA1 | cfd0a92d2c92614684524739630a35750c0103ec |
| SHA256 | da9a1e371b04099955c3a322baee3aeee1962c8b8dabe559703a7c2699968ef4 |
| SHA512 | 5cdc691e1be0d28c30819c0245b292d914f0a5beaed3f4fc42ac67ba22834808d66a0bfc663d625274631957c9b7760ada4088309b5941786c794edad1329c75 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 087fe108f276dc2250bb968aba369077 |
| SHA1 | e3847359bd0af543fde280c096fb6f22c860fdec |
| SHA256 | 4f53dd2f5567cee0e97810ea63f55959afbd6285be29c1602a6e1af25637a057 |
| SHA512 | c2a15af9f1119053a9faa8cd231b43989108b78932c8cae8a312fc4368d898c9ef81b66fbf377a85a56a6b88253064e672414e90451d27f0ae8061cc27d3f3f9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 557de6c0418080ede9fe51705cd2ae6e |
| SHA1 | ef734608489b01282f6eb6392cc71b8b8a56f85a |
| SHA256 | 28fc27ac9c15d7e52064b8c43509280bb4b13667c1e2a28325ee87ed9da894e3 |
| SHA512 | 26446c69501009b30e4a3e922f8e82fb4fa22fda54ce3e8cd2a5b4f2bd0ea27d0fcc8c2a594fdd77d7df68dc158b508760b9deff3beba7f5f714719d6fc74ca4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 25d00144ba3087e1acd5349d441fbd40 |
| SHA1 | 64debc339e72295a1a484fe448175397e357fc93 |
| SHA256 | 81192f504184fe66aed79b85ad51dbb240644d8e2d53b7da1eea95a9b49dc6f5 |
| SHA512 | e112c1129b6428725495d1b45c549da5c22423dc019ba76d063147951c2d7617124e39ba57044a297cc0a1ced567c4e0d15e13e430043ba26b063855dd890dc9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 7d0c2857f8dcf0f4c28b0690d1c28d15 |
| SHA1 | dd61ba2bb4ca42b07ab30963e10fd0ea6e4c6c29 |
| SHA256 | 21f53743a0ba2b9978aaa14a91e06f5790ef82650bf44bd91ca4f6231c9c9ae9 |
| SHA512 | e54b30fdeecc78327b001f203ed3107da7dd80e4bbfe516e111896810d34cb4891f2207867cee9c90c27772b8ede8a8659d4c0dd310e096008567795cb0ab9eb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 99c3967b520af2dce74bacf068a0d234 |
| SHA1 | e930f674b49cd78a4b02d9e3a99e66ab8505bf2d |
| SHA256 | 7612e58bb394131c344e91504c4794c3119544b583979170555ebe9196d555c1 |
| SHA512 | 47beb52792b3c3b78961e4375ed4b1bc760dd72f3ceae984228427d423c0d9396771f4fc733c1e5f1cf00d4a921aa0b062ed605135b8fd7424d63a008876c174 |