Malware Analysis Report

2024-11-16 13:36

Sample ID 240528-phebjada2y
Target Setup.exe
SHA256 989c54ab290e147aba6de1e542eb71cdbc50179dffc190ca46031ce8f18a6c8b
Tags
xworm rat trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

989c54ab290e147aba6de1e542eb71cdbc50179dffc190ca46031ce8f18a6c8b

Threat Level: Known bad

The file Setup.exe was found to be: Known bad.

Malicious Activity Summary

xworm rat trojan

Xworm family

Detect Xworm Payload

Xworm

Drops startup file

Legitimate hosting services abused for malware hosting/C2

Unsigned PE

Enumerates physical storage devices

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-28 12:19

Signatures

Detect Xworm Payload

Description Indicator Process Target
N/A N/A N/A N/A

Xworm family

xworm

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-28 12:19

Reported

2024-05-28 12:50

Platform

win7-20240508-en

Max time kernel

106s

Max time network

448s

Command Line

"C:\Users\Admin\AppData\Local\Temp\Setup.exe"

Signatures

Detect Xworm Payload

Description Indicator Process Target
N/A N/A N/A N/A

Xworm

trojan rat xworm

Drops startup file

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk C:\Users\Admin\AppData\Local\Temp\Setup.exe N/A
File created C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\svchost.lnk C:\Users\Admin\AppData\Local\Temp\Setup.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A 0.tcp.eu.ngrok.io N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\Setup.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\Setup.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2712 wrote to memory of 2740 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2712 wrote to memory of 2576 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2712 wrote to memory of 2920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2712 wrote to memory of 1748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\Setup.exe

"C:\Users\Admin\AppData\Local\Temp\Setup.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef1f99758,0x7fef1f99768,0x7fef1f99778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1132 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1440 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1612 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2296 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2304 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1504 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=3284 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2604 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3552 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1548 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3820 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2712 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3256 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=2308 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3972 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4260 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2408 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4208 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=2392 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=1060 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4140 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3856 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2040 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=3904 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2608 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=796 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4296 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=1500 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=2392 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=580 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=3176 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=4368 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4472 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4720 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=4660 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Users\Admin\AppData\Local\Temp\tslbyo.EXE

"C:\Users\Admin\AppData\Local\Temp\tslbyo.EXE"

C:\Users\Admin\AppData\Local\Temp\xvruzg.exe

"C:\Users\Admin\AppData\Local\Temp\xvruzg.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=4808 --field-trial-handle=1384,i,4112504518793662098,15631134706697075354,131072 /prefetch:1

C:\Windows\explorer.exe

explorer.exe
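Most rows in the process listing above are chrome.exe children started with a --type= switch by the sandbox's own browser session; the rows that matter are the sample itself and the two executables it ran from the user's Temp directory (tslbyo.EXE and xvruzg.exe). The Python below is an added example, not part of the original report or of the sandbox's tooling: it takes a constructed excerpt of the listing as (image path, command line) pairs, drops the browser children, and flags anything executed from a user-writable location, with a narrower verdict for the six-lowercase-letter random names seen on this page. The excerpt, the name pattern, the list of user-writable directories and the verdict labels are assumptions chosen for this example.

```python
import re
from pathlib import PureWindowsPath

# Constructed excerpt of the "Processes" listing above as (image path, command line).
# The real page has dozens of chrome.exe children; two are enough to show the filter.
PROCESSES = [
    (r"C:\Users\Admin\AppData\Local\Temp\Setup.exe",
     r'"C:\Users\Admin\AppData\Local\Temp\Setup.exe"'),
    (r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --renderer-client-id=8 /prefetch:1'),
    (r"C:\Program Files\Google\Chrome\Application\chrome.exe",
     r'"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --service-sandbox-type=none /prefetch:8'),
    (r"C:\Users\Admin\AppData\Local\Temp\tslbyo.EXE",
     r'"C:\Users\Admin\AppData\Local\Temp\tslbyo.EXE"'),
    (r"C:\Users\Admin\AppData\Local\Temp\xvruzg.exe",
     r'"C:\Users\Admin\AppData\Local\Temp\xvruzg.exe"'),
    (r"C:\Windows\explorer.exe", "explorer.exe"),
]

# Chromium launches every renderer/utility child with a --type=<role> switch; the
# browser process itself has none. Those children are the sandbox browsing, not the sample.
CHROME_CHILD = re.compile(r"\s--type=\S+")
# Assumed pattern: the payloads dropped on this page are six lowercase letters plus .exe.
RANDOM_NAME = re.compile(r"^[a-z]{6}\.exe$", re.IGNORECASE)
# Assumed list of locations a non-admin user can write to and execute from.
USER_WRITABLE = ("\\appdata\\local\\temp\\", "\\appdata\\roaming\\", "\\appdata\\local\\")


def classify(image: str, cmdline: str) -> str:
    """Verdict for one process row (labels are this example's own)."""
    name = PureWindowsPath(image).name
    low = image.lower()
    if name.lower() == "chrome.exe" and CHROME_CHILD.search(cmdline):
        return "browser-noise"
    if any(d in low for d in USER_WRITABLE):
        if RANDOM_NAME.match(name):
            return "dropped-payload"
        return "user-writable-exec"
    return "system"


def triage(processes):
    """Return {image path: verdict} for every row that is not browser noise."""
    out = {}
    for image, cmdline in processes:
        verdict = classify(image, cmdline)
        if verdict != "browser-noise":
            out[image] = verdict
    return out


if __name__ == "__main__":
    for image, verdict in triage(PROCESSES).items():
        print(f"{verdict:20} {image}")
```

The listing on this page does not record parent process IDs, so the script cannot prove that Setup.exe spawned the two Temp executables; it only isolates the rows worth pivoting on. The uppercase .EXE on tslbyo.EXE is matched case-insensitively because Windows path lookups are.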

Network

Country Destination Domain Proto
US 8.8.8.8:53 www.google.com udp
FR 172.217.20.196:443 www.google.com udp
FR 172.217.20.196:443 www.google.com tcp
US 8.8.8.8:53 play.google.com udp
FR 172.217.20.174:443 play.google.com udp
FR 172.217.20.174:443 play.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 www.youtube.com udp
FR 142.250.178.142:443 www.youtube.com tcp
FR 142.250.178.142:443 www.youtube.com tcp
US 8.8.8.8:53 i.ytimg.com udp
FR 216.58.214.86:443 i.ytimg.com tcp
US 8.8.8.8:53 accounts.google.com udp
BE 74.125.206.84:443 accounts.google.com udp
BE 74.125.206.84:443 accounts.google.com tcp
US 8.8.8.8:53 rr4---sn-5hne6nzk.googlevideo.com udp
NL 172.217.132.137:443 rr4---sn-5hne6nzk.googlevideo.com tcp
NL 172.217.132.137:443 rr4---sn-5hne6nzk.googlevideo.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
FR 142.250.201.170:443 content-autofill.googleapis.com tcp
NL 172.217.132.137:443 rr4---sn-5hne6nzk.googlevideo.com tcp
NL 172.217.132.137:443 rr4---sn-5hne6nzk.googlevideo.com tcp
NL 172.217.132.137:443 rr4---sn-5hne6nzk.googlevideo.com tcp
NL 172.217.132.137:443 rr4---sn-5hne6nzk.googlevideo.com tcp
US 8.8.8.8:53 0.tcp.eu.ngrok.io udp
DE 3.125.223.134:65129 0.tcp.eu.ngrok.io tcp
FR 172.217.20.174:443 www.youtube.com udp
FR 172.217.20.174:443 www.youtube.com tcp
FR 142.250.201.170:443 content-autofill.googleapis.com udp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
US 8.8.8.8:53 youtube.com udp
FR 142.250.201.174:443 youtube.com tcp
N/A 127.0.0.1:65129 tcp
US 8.8.8.8:53 accounts.youtube.com udp
FR 142.250.179.78:443 accounts.youtube.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
FR 216.58.214.163:443 ssl.gstatic.com tcp
FR 142.250.179.78:443 accounts.youtube.com udp
US 8.8.8.8:53 kitchen-minds.gl.at.ply.gg udp
US 147.185.221.19:65129 kitchen-minds.gl.at.ply.gg tcp
N/A 127.0.0.1:65129 tcp
US 147.185.221.19:65129 kitchen-minds.gl.at.ply.gg tcp
US 8.8.8.8:53 support.google.com udp
FR 172.217.20.174:443 support.google.com tcp
FR 172.217.20.174:443 support.google.com tcp
FR 172.217.20.174:443 support.google.com tcp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
US 8.8.8.8:53 storage.googleapis.com udp
FR 142.250.179.91:443 storage.googleapis.com tcp
FR 172.217.20.174:443 support.google.com udp
FR 172.217.20.196:443 www.google.com udp
US 8.8.8.8:53 apis.google.com udp
FR 142.250.178.142:443 apis.google.com udp
BE 74.125.206.84:443 accounts.google.com udp
US 147.185.221.19:65129 kitchen-minds.gl.at.ply.gg tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 google.com udp
FR 142.250.179.110:443 google.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
BE 74.125.206.84:443 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
FR 172.217.20.196:443 www.google.com udp
US 8.8.8.8:53 accounts.google.com udp
BE 74.125.206.84:443 accounts.google.com udp
FR 142.250.179.110:443 google.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
FR 172.217.20.174:443 support.google.com udp
US 8.8.8.8:53 id.google.com udp
FR 142.250.179.67:443 id.google.com tcp
FR 142.250.179.67:443 id.google.com tcp
FR 216.58.214.86:443 i.ytimg.com udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 static.doubleclick.net udp
FR 142.250.178.130:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 jnn-pa.googleapis.com udp
FR 142.250.75.230:443 static.doubleclick.net tcp
FR 142.250.201.170:443 jnn-pa.googleapis.com udp
FR 142.250.201.170:443 jnn-pa.googleapis.com tcp
US 8.8.8.8:53 encrypted-tbn0.gstatic.com udp
FR 142.250.179.110:443 encrypted-tbn0.gstatic.com tcp
FR 142.250.179.110:443 encrypted-tbn0.gstatic.com tcp
FR 142.250.179.110:443 encrypted-tbn0.gstatic.com tcp
FR 142.250.179.110:443 encrypted-tbn0.gstatic.com tcp
FR 142.250.179.110:443 encrypted-tbn0.gstatic.com tcp
FR 142.250.179.110:443 encrypted-tbn0.gstatic.com tcp
FR 142.250.179.110:443 encrypted-tbn0.gstatic.com udp
FR 142.250.178.130:443 googleads.g.doubleclick.net udp
FR 172.217.20.174:443 support.google.com udp
FR 142.250.179.67:443 id.google.com udp
US 8.8.8.8:53 encrypted-tbn1.gstatic.com udp
FR 142.250.179.110:443 encrypted-tbn1.gstatic.com tcp
US 8.8.8.8:53 poki.com udp
US 104.18.144.9:443 poki.com tcp
US 8.8.8.8:53 apps.identrust.com udp
IE 2.18.24.8:80 apps.identrust.com tcp
US 104.18.144.9:443 poki.com tcp
US 104.18.144.9:443 poki.com tcp
US 104.18.144.9:443 poki.com tcp
US 8.8.8.8:53 a.poki.com udp
US 8.8.8.8:53 img.poki.com udp
US 104.18.144.9:443 img.poki.com tcp
US 104.18.143.9:443 img.poki.com udp
US 104.18.144.9:443 img.poki.com udp
US 104.18.143.9:443 img.poki.com udp
US 8.8.8.8:53 t.poki.io udp
US 34.120.56.101:443 t.poki.io tcp
US 34.120.56.101:443 t.poki.io tcp
US 34.120.56.101:443 t.poki.io tcp
US 104.18.143.9:443 img.poki.com tcp
US 104.18.143.9:443 img.poki.com tcp
US 104.18.143.9:443 img.poki.com tcp
US 8.8.8.8:53 v.poki.com udp
US 104.18.143.9:443 v.poki.com tcp
US 34.120.56.101:443 t.poki.io udp
US 8.8.8.8:53 beacons2.gvt2.com udp
US 8.8.8.8:53 beacons3.gvt2.com udp
IN 142.250.192.3:443 beacons2.gvt2.com tcp
FR 172.217.18.195:443 beacons3.gvt2.com tcp
US 8.8.8.8:53 beacons.gvt2.com udp
IN 142.250.192.3:443 beacons2.gvt2.com tcp
FR 172.217.18.195:443 beacons3.gvt2.com udp
US 8.8.8.8:53 api.poki.com udp
IN 142.250.192.3:443 beacons2.gvt2.com udp
US 104.18.143.9:443 api.poki.com tcp
US 104.18.143.9:443 api.poki.com tcp
US 8.8.8.8:53 games.poki.com udp
US 104.18.143.9:443 games.poki.com tcp
US 8.8.8.8:53 game-cdn.poki.com udp
US 104.18.144.9:443 game-cdn.poki.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 5dd28e51-015f-11ea-ad56-9cb6d0d995f7.poki-gdn.com udp
BE 74.125.206.84:443 accounts.google.com udp
US 172.64.145.186:443 5dd28e51-015f-11ea-ad56-9cb6d0d995f7.poki-gdn.com tcp
BE 74.125.206.84:443 accounts.google.com tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 172.64.145.186:443 5dd28e51-015f-11ea-ad56-9cb6d0d995f7.poki-gdn.com udp
US 8.8.8.8:53 devs-api.poki.com udp
US 104.18.144.9:443 devs-api.poki.com tcp
US 8.8.8.8:53 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 imasdk.googleapis.com udp
FR 142.250.201.162:443 securepubads.g.doubleclick.net tcp
FR 142.250.178.138:443 imasdk.googleapis.com tcp
FR 142.250.201.162:443 securepubads.g.doubleclick.net udp
FR 142.250.178.138:443 imasdk.googleapis.com udp
FR 142.250.201.162:443 securepubads.g.doubleclick.net udp
US 8.8.8.8:53 s0.2mdn.net udp
FR 142.250.75.230:443 s0.2mdn.net tcp
US 8.8.8.8:53 321b8a7b7a5d53da2bf9fa3e48898f16.safeframe.googlesyndication.com udp
FR 216.58.214.161:443 321b8a7b7a5d53da2bf9fa3e48898f16.safeframe.googlesyndication.com tcp
US 8.8.8.8:53 tpc.googlesyndication.com udp
FR 142.250.179.97:443 tpc.googlesyndication.com tcp
FR 142.250.179.97:443 tpc.googlesyndication.com udp
US 8.8.8.8:53 ads.superawesome.tv udp
IE 54.229.199.182:443 ads.superawesome.tv tcp
IE 54.229.199.182:443 ads.superawesome.tv tcp
US 8.8.8.8:53 eu-west-1-ads.superawesome.tv udp
FR 142.250.178.130:443 googleads.g.doubleclick.net udp
FR 142.250.178.130:443 googleads.g.doubleclick.net udp
FR 142.250.178.130:443 googleads.g.doubleclick.net tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IN 142.250.192.3:443 beacons2.gvt2.com udp
IN 142.250.192.3:443 beacons2.gvt2.com tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
US 34.120.56.101:443 t.poki.io udp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
US 8.8.8.8:53 eu-west-1-ads.superawesome.tv udp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
US 192.178.49.195:443 beacons.gcp.gvt2.com udp
US 192.178.49.195:443 beacons.gcp.gvt2.com tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
US 34.120.56.101:443 t.poki.io udp
FR 142.250.201.162:443 securepubads.g.doubleclick.net udp
US 172.64.145.186:443 5dd28e51-015f-11ea-ad56-9cb6d0d995f7.poki-gdn.com udp
FR 142.250.201.162:443 securepubads.g.doubleclick.net tcp
US 8.8.8.8:53 ads.superawesome.tv udp
FR 142.250.201.162:443 securepubads.g.doubleclick.net udp
FR 142.250.201.162:443 securepubads.g.doubleclick.net tcp
FR 142.250.178.130:443 googleads.g.doubleclick.net udp
FR 142.250.178.130:443 googleads.g.doubleclick.net udp
FR 142.250.178.130:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 www.google.com udp
FR 142.250.179.97:443 tpc.googlesyndication.com udp
FR 172.217.20.196:443 www.google.com udp
IE 54.194.33.184:443 ads.superawesome.tv tcp
IE 54.194.33.184:443 ads.superawesome.tv tcp
IE 54.194.33.184:443 ads.superawesome.tv tcp
IE 54.194.33.184:443 ads.superawesome.tv tcp
US 8.8.8.8:53 beacons4.gvt2.com udp
US 216.239.32.116:443 beacons4.gvt2.com tcp
US 216.239.32.116:443 beacons4.gvt2.com udp
US 147.185.221.19:65129 kitchen-minds.gl.at.ply.gg tcp
IE 54.194.33.184:443 ads.superawesome.tv tcp
IE 54.194.33.184:443 ads.superawesome.tv tcp
IE 54.194.33.184:443 ads.superawesome.tv tcp
US 8.8.8.8:53 eu-west-1-ads.superawesome.tv udp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
IE 54.194.33.184:443 eu-west-1-ads.superawesome.tv tcp
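Almost everything in the Network table is Google, YouTube, doubleclick and poki.com traffic generated by the sandbox's browsing simulation. The connections that stand out are TCP to 0.tcp.eu.ngrok.io (3.125.223.134) and to kitchen-minds.gl.at.ply.gg (147.185.221.19), both on port 65129: reverse-tunnel services that let an operator expose a RAT listener without owning any infrastructure, which makes them the C2 candidates to extract from this run. The Python below is an added example, not from the report or the sandbox: it parses rows in the table's own layout (including the rows with no domain column, such as the mDNS and loopback entries), ignores the DNS lookups and the loopback hit, and returns the unique (domain, ip, port) triples that are either tunnel-provider hostnames or TCP to a non-standard port on a public address. The excerpt is constructed from rows on this page; the tunnel suffix list and the set of ports treated as ordinary are assumptions.

```python
import re
from collections import defaultdict

# Constructed excerpt of the Network table above, in the page's own row format.
NETWORK_ROWS = """\
US 8.8.8.8:53 www.google.com udp
FR 172.217.20.196:443 www.google.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 0.tcp.eu.ngrok.io udp
DE 3.125.223.134:65129 0.tcp.eu.ngrok.io tcp
N/A 127.0.0.1:65129 tcp
US 8.8.8.8:53 kitchen-minds.gl.at.ply.gg udp
US 147.185.221.19:65129 kitchen-minds.gl.at.ply.gg tcp
US 147.185.221.19:65129 kitchen-minds.gl.at.ply.gg tcp
IE 2.18.24.8:80 apps.identrust.com tcp
"""

# Assumed list: the two tunnel providers seen on this page. Extend for your environment.
TUNNEL_SUFFIXES = (".ngrok.io", ".ply.gg")
# Assumed set of ports that do not by themselves make a connection interesting.
COMMON_PORTS = {53, 80, 443, 5353}

# Country, ip:port, optional domain, protocol. The domain group is optional because
# mDNS and loopback rows on the page carry no hostname.
ROW = re.compile(
    r"^(?P<cc>\S+)\s+(?P<ip>[\d.]+):(?P<port>\d+)\s+(?:(?P<domain>\S+)\s+)?(?P<proto>tcp|udp)$"
)


def parse_rows(text):
    """Parse table rows into dicts; lines that do not fit the layout are skipped."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue
        d = m.groupdict()
        d["port"] = int(d["port"])
        rows.append(d)
    return rows


def is_tunnel_domain(domain):
    return bool(domain) and domain.lower().endswith(TUNNEL_SUFFIXES)


def c2_candidates(rows):
    """Unique (domain, ip, port) -> hit count for connections that look like tunnelled C2:
    TCP to a tunnel-provider hostname, or TCP to a non-standard port on a public address."""
    hits = defaultdict(int)
    for r in rows:
        if r["proto"] != "tcp":
            continue  # the UDP rows are the DNS lookups for the same names
        if r["ip"].startswith("127."):
            continue  # loopback: the sample talking to itself, not to an operator
        if is_tunnel_domain(r["domain"]) or r["port"] not in COMMON_PORTS:
            hits[(r["domain"], r["ip"], r["port"])] += 1
    return dict(hits)


if __name__ == "__main__":
    for (domain, ip, port), n in sorted(c2_candidates(parse_rows(NETWORK_ROWS)).items()):
        print(f"{domain or '-':35} {ip}:{port}  x{n}")
```

The port heuristic is a ranking aid, not a verdict: a legitimate CDN on an unusual port would also be listed, and a tunnel provider on 443 would only be caught by the suffix list. Both tunnel endpoints here share port 65129, which is what the analyst should carry into the host-side check for the listener the sample opens.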

Files

memory/1976-0-0x000007FEF52F3000-0x000007FEF52F4000-memory.dmp

memory/1976-1-0x0000000000A80000-0x0000000000AA8000-memory.dmp

memory/1976-6-0x000007FEF52F0000-0x000007FEF5CDC000-memory.dmp

\??\pipe\crashpad_2712_QYGAMJTXHJHPLQWI

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

memory/1976-92-0x000007FEF52F3000-0x000007FEF52F4000-memory.dmp

memory/1976-94-0x000007FEF52F0000-0x000007FEF5CDC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 4fa7a5540bc55628a9a4cb8c1a48ca14
SHA1 bae64d0745b1d7e363852933b7449e5446c778bf
SHA256 de445731e3dd19d321ef458aa33f79f16841461c5d828772a32baa7cc87c1d19
SHA512 5838665fba9669fd01ef9796ac0a4ee8fb47f5347b8b0e0049bd051af9c5e8d912d4abd18785a92be3a9d8b831cee113532dba9ad89a4eb78aacf0f28e222279

memory/1976-162-0x000007FEF52F0000-0x000007FEF5CDC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ecf37177e0a5512fef722df0862a714f
SHA1 87a6d427ba6c33fcc6b5ee94a17cb3e1fdd1b45d
SHA256 ecdb00da31831dd0e18f6544049653b462c3c7b81d8afdedf7747f37815d2159
SHA512 0fe5d4f80406628702472073daf0e043d631fe30f409f47f8f523dd4551f2999a5e1d726f6778b854a9fe891da40ea6b1c345acfbd5a716680cadeb1bba6f567

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c15653107658d4ba5f46693b8e3246f2
SHA1 1ff050ce54c08532f5fcd148d4745942e28d617e
SHA256 69f329eabd7fc22ff7aaf13dfaee5c85e9605eeaabf19a5b91e3b15ff0050e46
SHA512 f71669c48d6efe13a5ceafcec7e7f49a621d713dd05f64b9a5bb5691779ab03199720929e2397b473bcd2ad6a76fe72164618f113a3b56c6e7d9bb0825a3941d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Temp\scoped_dir2712_95727232\Shortcuts Menu Icons\0\512.png

MD5 12a429f9782bcff446dc1089b68d44ee
SHA1 e41e5a1a4f2950a7f2da8be77ca26a66da7093b9
SHA256 e1d7407b07c40b5436d78db1077a16fbf75d49e32f3cbd01187b5eaaa10f1e37
SHA512 1da99c5278a589972a1d711d694890f4fd4ec4e56f83781ab9dee91ba99530a7f90d969588fa24dce24b094a28bdecbea80328cee862031a8b289f3e4f38ce7a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Web Applications\Manifest Resources\agimnkijcaahngcdmfeangaknmldooml\Shortcuts Menu Icons\Monochrome\1\512.png

MD5 7f57c509f12aaae2c269646db7fde6e8
SHA1 969d8c0e3d9140f843f36ccf2974b112ad7afc07
SHA256 1d5c9f67fe93f9fcc1a1b61ebc35bda8f98f1261e5005ae37af71f42aab1d90f
SHA512 3503a0f4939bed9e1fd5e086b17d6de1063220dffdab2d2373aa9582a2454a9d8f18c1be74442f4e597bdba796d2d69220bd9e6be632a15367225b804187ea18

memory/1976-407-0x000007FEF52F0000-0x000007FEF5CDC000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c3e3a4698e4587ba73ac6bc7ca14005c
SHA1 76eee42369d410e9a8b486e0b7e0a9996c5fb86b
SHA256 fed037001de664280c847134dbf6e79f8b8c217cbabcc10d57d7fc70217716cc
SHA512 ecaf45b789dc68025b2441a624f7464ceb57750d35eab7262dc3ed60c4b51768d8556f6eca3d45b0a671bd57e67d540d724425a640358931a4598b98f174ed7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 88f9746ff1d5effe5315eff8f46bbe43
SHA1 cb7ade6028df651cf1cb48177919cb3d51f5596a
SHA256 8d24a77f94a0676b9176a00c174f423520242f0e4863cc5e025368a7dd63b2fd
SHA512 403f5a501adb59bba4106aa129e4786334dc5ce56473706e26f03927462a135fae06622ca323f9da5624b72c0eafd14363e53209b8c545e4a04d352f80b062a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 36ef6a4737f69455f6c5dee816fbabc4
SHA1 cbc23f537349af9e0c43996a00df767353313399
SHA256 92f4fe642933f2aae23f94e95603624c7e5a7c8d9110374a4dc50539ff272bd3
SHA512 1748e873572a1c1fa0324ba6d1fbea9ffacbb17956fbbc8ceffa326b8021e4e6882af4488034e94ec3e0df8b79c033da9d9a08f265a1daac97ce85a85d0ff899

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6e82830036a61a9976cce5bb228beb86
SHA1 124ac2cf026a6ecc091c9993b1eae0eba2828312
SHA256 61b2c074c98082dfa241a7528c57a940ac1edbf9a59c9ec36e655544255149c1
SHA512 bc0ab1277f2417ae3fd4782582ff9089ef42fb5755808682317903d517227a88aecea6482c165f78e9cb2ef60c9d0078f9bf39726d8ba01ed0519b8c5d268de5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f83efdcc86d427b99e5e19bac0a187c1
SHA1 a72884efc4f24ec0c3b1d7399d0687c94ac46bf8
SHA256 dc80e20ed1ce7e321795d45367a423582b71ed1f8da735ab51b5a1b1f85dd740
SHA512 19319ad33ad2cdb913cecb6b4b86cf31dd855ab8530c20cf53507bd6c15d966ecf4d6700aeb5b0b34b7de1ce27bd1b5a66473804c8e6f1f18e7f3ef1604cc6cf

memory/1976-505-0x0000000000370000-0x000000000037C000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f623f237339a3c9e073a95bd77522c0f
SHA1 4e629e8c1f6ececce077ebfae482a166dfd4ce42
SHA256 81974bbdae46df1e89dcd64e0a168689485de66c46b265781f5679535fe0400e
SHA512 b45c4b23b5864f9f76b16e31201546ca893273884e529ba265272912d6853c40ee9a2d78205d56d28597fa73bffba8fba4b1b59f042e1e5e19324203e100d588

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\3772d34e-1eba-4019-b302-d2246fa6cce6.tmp

MD5 9ce5f86ce803c970cd7c1d006d6dc409
SHA1 d231b85ff987c67960313e494569cd2d47bfed71
SHA256 6a7bc9f70466715422bbefdecde092506ada7d4361598fb72c1a2086e80f7624
SHA512 4236429772d48efef535925e416b9adc6b6abaa442d4f61bf897725cfc1124b28fa674cebb55217ade3f2979a0a83c8fe4bb7b352acb6d49f6105025480230c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 77ceca472893449a80eb867c17acc5c4
SHA1 a33666abb01d9fbf21a71e4bdd69642d70149315
SHA256 c051b4c74852e8fb804f592199026e1295d4db545b1115e6cef939ff83d68667
SHA512 0f37e79b29581b3f338b3b30735d5b6b1ba65f20311b22acb0046991e34f11da7e23899c8ce7d6825cf3985ae9e6bd5bfe483635364f0207933381b47bf0fef6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 174980899e731ff0583d9eba6bf8beaf
SHA1 969292c80c70a5cda99cb05182b58a7ae69fb44f
SHA256 3d31f94fc57a0b0e44734a36977d8a4b3791d81848d8e218bb718d08b1d6b176
SHA512 80006eceea255de973419e7980e0dd72525afc60ec0e8982dc992b51c596837093e49f2670245d01524adfd53e86ba87365dac6f13548a6ef176abb584c2da5c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d7e5254c7b0d215b612d8eb80bafcb35
SHA1 9a734d93ed565c461e09ee13cbb271c8e0caf937
SHA256 5f6308e1ac2f55074cc7074062a062333cc197501954c3f6a5abd687f86a6a77
SHA512 24bb5d49b50a5ad7baa91f1649247953208ddcc453c677c96f8bee2f87a78d7b28032909736072e8204b89a25b132c1b5ecd49a4f96b62983a599356d2c70af1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ccf8edbff04b672406ec6f2e22b08026
SHA1 845e71e43c427039585d66b00b1cee97c7798e1c
SHA256 85ddd93712254f41c60625b5517899ee06e0b62e8ddc74e71b774ceb2b7bb9f1
SHA512 9129ac417a3fb54e103cc2a1b2cbeb629f46f62b07101daae72c1002d2de08ab04af72998b523ea64fdfa97a1dfc73e9393690947fdea540dd58e19c698f1d89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9a5d9767ccdd513ad99904664f359121
SHA1 20f0cb84ccff968256e2b1569dac4f816171ffe5
SHA256 8b96bb51a6106785b434652124a4a836ce6686ebb84ebc26d17f0b12f7d9e16f
SHA512 2c3ababe754794c4eb746356c8a03c43e3a7a4b0a2442d621e284a70a67c207ea9b97048b91b8ab06d36ac1afc202f782fafd28d98dcda457a8cabfa655f14e8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 d4eec50487bf5cd6f6358492e70d0f04
SHA1 33b51e98de202c938fd6a80f699d710d84f016ac
SHA256 5ea4321e709127737c258e07512b344844d7244576d67218ddb44c48e04cb835
SHA512 92de2be5a8483378fb1e41a3a29f12021a9e4a05523fc1515f809e1d590fc9db7b299b6d17a00a64ce53723e49ad021a274a2d73ec7806904535928429b908d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 afd6807354a65edce79cdc6428d905b3
SHA1 5fb7eea88f525675bd030134493b1f2237682a0b