Analysis

  • max time kernel
    1413s
  • max time network
    1173s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240508-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    22/05/2024, 19:12

General

  • Target

    (Audio) (1) Light Bulb Sound Effects All sounds - YouTube - Google Chrome 2024-03-24 00-01-01.m4a

  • Size

    512KB

  • MD5

    669c9f948f8af2ba0dcf8717a653f6b5

  • SHA1

    0497d2b1ca0a68ed1897051a945b40523aabf574

  • SHA256

    7dfa5d6c6162b61bb1307bdcf90389591405ebdbb28585aeb08c4ce820e23fb2

  • SHA512

    2fbfefc984e6a02c25be9863fd41cd7b8f64ac08b5ab3be9af0d15ddd7e440c10d3b5ca9669a494acfbafb9de3ec9643e0010e5e14a06a7b3d2eaf51a27b0c20

  • SSDEEP

    6144:jRDukJSHU9GIhfPYeR5Heo0wFc+7E7fg6u3Wh8jW5FjS:tJIHU9hXNRdeo0yc+7E0xmh

Score
6/10

Malware Config

Signatures

  • Enumerates connected drives 3 TTPs 23 IoCs

    Attempts to read the root path of hard drives other than the default C: drive.

  • Enumerates system info in registry 2 TTPs 3 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 4 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 14 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 12 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Windows Media Player\wmplayer.exe
    "C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\(Audio) (1) Light Bulb Sound Effects All sounds - YouTube - Google Chrome 2024-03-24 00-01-01.m4a"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2552
    • C:\Program Files (x86)\Windows Media Player\setup_wm.exe
      "C:\Program Files (x86)\Windows Media Player\setup_wm.exe" /RunOnce:"C:\Program Files (x86)\Windows Media Player\wmplayer.exe" /prefetch:6 /Open "C:\Users\Admin\AppData\Local\Temp\(Audio) (1) Light Bulb Sound Effects All sounds - YouTube - Google Chrome 2024-03-24 00-01-01.m4a"
      2⤵
        PID:1016
      • C:\Windows\SysWOW64\unregmp2.exe
        "C:\Windows\System32\unregmp2.exe" /AsyncFirstLogon
        2⤵
        • Suspicious use of WriteProcessMemory
        PID:2256
        • C:\Windows\system32\unregmp2.exe
          "C:\Windows\SysNative\unregmp2.exe" /AsyncFirstLogon /REENTRANT
          3⤵
          • Enumerates connected drives
          • Suspicious use of AdjustPrivilegeToken
          PID:4428
    • C:\Program Files\Google\Chrome\Application\chrome.exe
      "C:\Program Files\Google\Chrome\Application\chrome.exe"
      1⤵
      • Enumerates system info in registry
      • Modifies data under HKEY_USERS
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SendNotifyMessage
      • Suspicious use of WriteProcessMemory
      PID:236
      • C:\Program Files\Google\Chrome\Application\chrome.exe
        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffe06bdab58,0x7ffe06bdab68,0x7ffe06bdab78
        2⤵
          PID:1540
        • C:\Program Files\Google\Chrome\Application\chrome.exe
          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1572 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:2
          2⤵
            PID:4276
          • C:\Program Files\Google\Chrome\Application\chrome.exe
            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1840 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
            2⤵
              PID:1724
            • C:\Program Files\Google\Chrome\Application\chrome.exe
              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2192 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
              2⤵
                PID:1676
              • C:\Program Files\Google\Chrome\Application\chrome.exe
                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                2⤵
                  PID:4916
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3188 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                  2⤵
                    PID:4484
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4148 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                    2⤵
                      PID:2956
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3788 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                      2⤵
                        PID:2116
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4468 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                        2⤵
                          PID:2688
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4352 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                          2⤵
                            PID:1560
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4708 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                            2⤵
                              PID:2040
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4744 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                              2⤵
                                PID:1804
                              • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
                                "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level
                                2⤵
                                  PID:2224
                                  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe
                                    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x250,0x254,0x258,0x22c,0x25c,0x7ff723bfae48,0x7ff723bfae58,0x7ff723bfae68
                                    3⤵
                                      PID:4696
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4692 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                    2⤵
                                      PID:1816
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4772 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                      2⤵
                                        PID:2320
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3900 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                                        2⤵
                                          PID:3756
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3204 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                                          2⤵
                                            PID:1476
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1760 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                            2⤵
                                              PID:3572
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2708 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                              2⤵
                                                PID:4152
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3436 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                                2⤵
                                                  PID:2192
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2892 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                                  2⤵
                                                    PID:232
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5164 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                                                    2⤵
                                                      PID:4596
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5336 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                                      2⤵
                                                        PID:5016
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3492 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                                        2⤵
                                                          PID:4604
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4208 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                                                          2⤵
                                                            PID:3028
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5520 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                                                            2⤵
                                                              PID:3120
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=4016 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                                              2⤵
                                                                PID:3956
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4244 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                                                2⤵
                                                                  PID:1948
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4280 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:1
                                                                  2⤵
                                                                    PID:2364
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5448 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:2
                                                                    2⤵
                                                                    • Suspicious behavior: EnumeratesProcesses
                                                                    PID:3520
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2884 --field-trial-handle=1868,i,6949930081058605883,10625764236801752182,131072 /prefetch:8
                                                                    2⤵
                                                                      PID:784
                                                                  • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                                                    "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                                                    1⤵
                                                                      PID:4996

                                                                    Network

                                                                          MITRE ATT&CK Enterprise v15

                                                                          Downloads

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000028

                                                                            Filesize

                                                                            83KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                            Filesize

                                                                            816B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

                                                                            Filesize

                                                                            264KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_tamqe.dwhitdoedsrag.org_0.indexeddb.leveldb\MANIFEST-000001

                                                                            Filesize

                                                                            23B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                            Filesize

                                                                            5KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                            Filesize

                                                                            4KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                            Filesize

                                                                            5KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                            Filesize

                                                                            5KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                                                            Filesize

                                                                            2B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            691B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            356B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            8KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            9KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            7KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            6KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                            Filesize

                                                                            8KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                                            Filesize

                                                                            16KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

                                                                            Filesize

                                                                            16B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\MANIFEST-000001

                                                                            Filesize

                                                                            41B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                            Filesize

                                                                            72B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58b3ca.TMP

                                                                            Filesize

                                                                            48B

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            260KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            260KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            260KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            260KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                            Filesize

                                                                            260KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                            Filesize

                                                                            86KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                            Filesize

                                                                            90KB

                                                                          • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58145e.TMP

                                                                            Filesize

                                                                            83KB

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

                                                                            Filesize

                                                                            384KB

                                                                          • C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML

                                                                            Filesize

                                                                            9KB

                                                                          • C:\Users\Admin\AppData\Local\Temp\wmsetup.log

                                                                            Filesize

                                                                            1KB

                                                                          • C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

                                                                            Filesize

                                                                            2B
