Malware Analysis Report

2025-08-05 15:53

Sample ID 240529-j82a4ahb54
Target https://github.com/doenerium6969/doenerium-fixed
Tags
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://github.com/doenerium6969/doenerium-fixed was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Modifies data under HKEY_USERS

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

Suspicious behavior: AddClipboardFormatListener

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-29 08:21

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-29 08:21

Reported

2024-05-29 08:26

Platform

win10-20240404-en

Max time kernel

195s

Max time network

301s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/doenerium6969/doenerium-fixed

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A
N/A camo.githubusercontent.com N/A N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133614444838014038" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History\CacheLimit = "1" C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CacheLimit = "1" C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:" C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Extensible Cache C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content\CacheLimit = "51200" C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2448 wrote to memory of 1404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 1728 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2920 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2448 wrote to memory of 2376 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/doenerium6969/doenerium-fixed

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff887b89758,0x7ff887b89768,0x7ff887b89778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2864 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2872 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3780 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\install.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\install.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\fix.bat" "

C:\Windows\System32\NOTEPAD.EXE

"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\doenerium-fixed-main\install.bat

C:\Windows\System32\NOTEPAD.EXE

"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\doenerium-fixed-main\build.bat

C:\Windows\System32\NOTEPAD.EXE

"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd0,0xd4,0xd8,0xac,0xdc,0x7ff887b89758,0x7ff887b89768,0x7ff887b89778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2068 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3108 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3232 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4504 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4652 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4884 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5044 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4496 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5364 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\doenerium-fixed-main\screenshots\1.png" /ForceBootstrapPaint3D

C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe

"C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe" -ServerName:Microsoft.MSPaint.AppX437q68k2qc2asvaagas2prv9tjej6ja9.mca

Network

Country Destination Domain Proto
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 185.199.108.133:443 avatars.githubusercontent.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 8.8.8.8:53 camo.githubusercontent.com udp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 185.199.108.133:443 camo.githubusercontent.com tcp
US 8.8.8.8:53 154.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.108.199.185.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
FR 142.250.178.138:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 138.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 collector.github.com udp
US 140.82.112.21:443 collector.github.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.112.21:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
FR 142.250.178.138:443 content-autofill.googleapis.com udp
US 185.199.108.154:443 github.githubassets.com tcp
US 185.199.108.154:443 github.githubassets.com tcp
US 8.8.8.8:53 21.112.82.140.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 codeload.github.com udp
GB 20.26.156.216:443 codeload.github.com tcp
US 8.8.8.8:53 216.156.26.20.in-addr.arpa udp
US 20.231.121.79:80 tcp
US 8.8.8.8:53 131.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
FR 172.217.20.196:443 www.google.com tcp
US 8.8.8.8:53 196.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 163.214.58.216.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
FR 142.250.178.142:443 apis.google.com tcp
US 8.8.8.8:53 142.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
FR 172.217.20.174:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
FR 216.58.213.78:443 clients2.google.com tcp
US 8.8.8.8:53 174.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 78.213.58.216.in-addr.arpa udp
FR 172.217.20.196:443 www.google.com udp
US 8.8.8.8:53 67.214.58.216.in-addr.arpa udp
FR 142.250.178.142:443 apis.google.com udp
FR 172.217.20.174:443 play.google.com udp
US 8.8.8.8:53 162.20.217.172.in-addr.arpa udp
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 88.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 43.229.111.52.in-addr.arpa udp
US 8.8.8.8:53 18.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 91.90.14.23.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp

Files

\??\pipe\crashpad_2448_QGYHBVFDZVGFBBZF

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\Downloads\doenerium-fixed-main.zip

MD5 4d00748da35862747e574178ca73072f
SHA1 cae0571ee744d98ba987dd01c03f5074683faee5
SHA256 4cd1f379313a39a3947c35cd1d6dafa5bcaefab5ad2b55af8d76fdeb416cc7ad
SHA512 f7f3190b8c19e91381be7853875d553c1d69e1b070b00e657a0ea2b24add04343f80ce6ae7c29641e4b2f346d94d2908edb23f4a6b4e88d8780aad8c7aa9b9a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 3910c5d93678746065cd687627be4820
SHA1 ce2ff670fe060bdd729642b841f4aabac1ee1df7
SHA256 8f6fc5dd012a13cdb51a9ae97b71deb2de3fb1ec17b59fede35ab720e29fd04f
SHA512 46b31b2a72bb56ff6ef71387bbdb87282caea9ab531b045707617761971dd80176b09947d99fcc2daf93f5af0ee841a0fe6e5f9169e2b371ce87f13af9d49e19

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eb187f3bcb8c6833e3dddb3e0bcf60d6
SHA1 9f12b0a5e264c6a5538df82799cbca8940707fd6
SHA256 b5acc9c3d4e72a1e2a4385cc17a3dcfc8732cfb9cb5bbe8bcbab74f1594083a7
SHA512 d03bbff609bfea28518586099a58b6fa87aeaa7edd279e81508a22a527b9df22fd383d10c3f196e74d33a58963d6203b31692e82e5f299dd6225063ed3e0bd89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 6dfd5f213d277435fedaec9889984773
SHA1 4acf61dcdd0c5cced40157576e43b5f678b79166
SHA256 543e69ad0730287f50a1a6d0f98baf66204edb8ff4683f6ace8dcef6a0e5a333
SHA512 ba993f7761b12eb2c08d5eec92ac392b6feaedc849ad27c9ccaac1dd5265d8f9bb568d72e8a6b40fac0bcc7e44c41c1ef13675b13dd0cb083bb56ae8c5124ddc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1ffcf807f42add750ae6186bd2aff378
SHA1 6def88c23c7a582c781fc82374f8bf2a1e289453
SHA256 39fadc2ac9f3b0073518cfa219e2fd61853758a1bff814037416d4a034cc9a73
SHA512 4652213c2ee66a3350e19a15f577bfef727b21f6163004d3c74b7539c370ae85caac22c4d55e7c601af5f71b9b9c78a73fb5a799198c359221771a8726e3aec0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e929bb64e87f995d2b2a6d17eb19626a
SHA1 bd1ed1cb71c75e46f5ca910bd820ecc118da1746
SHA256 09aca54832c54e956539a9fbdcfb943923ace9af541adf94c2f02dadae330c75
SHA512 24f733aa0d8d213becc8085a97984b15c6082e365ecc17011c0920ac24342737eb331956540b340b30f0f1673f1584d4ade445b3a8ed7fc22a79e8c1eadf2861

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 c64929d71f8769929406b672778db163
SHA1 9dcbf05f8029ec6263ec43b6958a54626adb62d1
SHA256 b8d3e55babd999d4d2ada4cdae8d09b2b34321266395960c07ec811d08b91a0a
SHA512 9ce6eaea812713c9dc9de55875f5899b21b34e2fd09666590f0a4b3a4c6b3dcce382c5c1e73e01f4066c4b99024cda816ddb324701deabf2756c76e6f5977332

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 9eae63c7a967fc314dd311d9f46a45b7
SHA1 caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf
SHA256 4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d
SHA512 bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

MD5 63f276a675bdc575820c3985a1dc1d0c
SHA1 7a5cdee22af117418c75d3cec1f0853dcc22be14
SHA256 a673797553be70c55b67334dc52f3e977a96a41ff49dcb21a2ae7c298300707a
SHA512 50d4ae4e2ec0925d7c767f5240688921c0a8dae59e85be51981552fed3ab839ad99c34085da3405f3d158a23e5cffd2400d548149b64602d28780a60828fd7e6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log

MD5 5d9bf818f3b476eada94a2125820234a
SHA1 7e872883d7b58991cf5f593be49a8c0fc9429998
SHA256 79489fb59120fe1e6fda9adae9abe238e5a78df54974c176b23d7837e0a2cf79
SHA512 12a39cbcbf87496803a660fc3c74c54e29cc5a0ca79ed151081c61bcee618e49e8306af4c933d1efe01fb2d4e5dc8a6c5f58e42d3c837587010c805bfcd95f89

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 ef13c3af85c794fe036c1ee5d94fed91
SHA1 3034fc7283976d05fa1152a7cd60cc92fdfe8483
SHA256 d4c9e60f584e02269b7c1c7837ee9480c5371bb86566ac288a042aa71bbf9682
SHA512 8b591edab4d24199b321f6d1cb6357d01ca7258e83748cd81b0d88a062858a025bc87d01dd1f9c1ffba3d82a569f98957fbb989c56708e00e2f03a42a512cdd0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

MD5 9079226d2b1b999d16a7e7ea4b7136e9
SHA1 5d85b3c13516105cafc722d320c6ecd30a414a61
SHA256 b7064b22366097213c47a7b7f758378d927025442eff43b7dcfcbb0988a5f30b
SHA512 e6ae8772a7b8ce3cafba9e36bab93283589c49aa2ef6d7363de58f7d263c72d96f1f14440eff9be0ffb4829829a04deb8b4e491b9136efa05eff65202b17aa7e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13361444488357515

MD5 1965e1fbb9bac574445b8dc8524ff216
SHA1 6bda31914e51f3ae07f381b9d040d895484b2d4f
SHA256 04214deb6c26cfa031c6a4642b9f90b422fe14e012b18db6274f00f390b2ce9b
SHA512 0ab2a56636f135404d3d61abc906cbadb862f9bba6de6dded7451cae95baf946b1ca573cd6f0b54cd14484a8ad62dc53ec201a2fd2d9097d324bf5fbb7ebf9b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 1ec347267124d1a859c5cda03659faaf
SHA1 b29683af47d4d774a30b676f65eaaef23165a715
SHA256 da2dfcf3cf40083e04c6b3e44cef5aa859714be719b2adb7881b88bb7199d50d
SHA512 feeefe697e30444b4eb5cd7050c9552ac4bfbd11ce9718a553eb23f48c49fc32111c4fcc04252226faffeef5800aba98ac9fbe1853ee35201b58448d84863bf6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 a50e3b99572f303cd907a5c3c4802a37
SHA1 5d3bd275bcbce0cec08f9e4f047a65c29c8e6710
SHA256 f950ee69d63c33140bdab8ffd6368210608333c58bfa9c5baae3722fa2607d97
SHA512 d7f7336ebff1e0babeec67f68c185007467f24822f0a43e2f286a71566ac7721d1e4e871e20968a63b671fe4375af4319d410591985ab4f0c08090ced1a19724

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 1a538e6e8808593e8b1b2a7bfb502e75
SHA1 bb8dc80030de5a4328eace548705b38154ab8fe8
SHA256 fed5fd98603ea39883def22f4ed20d59dd2a4e6b2d740224c79ecd620a4714d7
SHA512 98340a5ad67223448498386971636cc3da270253001b29b9e23f0c7250e1bcc62272935f68b2353c7f75fe28033ed8e0b4b623fb7976f447d444089bf8951ac8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

MD5 3917be26217f3a3d1aef7abc0bd05f1a
SHA1 4a65f577ec5528970e6f684b1fb47b3238f3869b
SHA256 1fe1131cb3c2750f91cef4e867f2b1bb54fb46239efb00dd54165bd2f58e32a4
SHA512 1050a742a71fb322e630a10ac40dae65e791c753f87f2d4e811f6db067947fc1be71ba40fe18ddc646f10e5931b64f11b135a270e677d395a7fb4b5068e97eb1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 09a4b234ee3547169ef0b63f16f2e278
SHA1 1ee3f80d6a1b851ce9227ae263a4a2425a5be3b3
SHA256 c14072d77e6c8ddb3d16d9b24b76bc09fcd9607845ff8f1a29734cd3ba86fd17
SHA512 1cdef1967a87dcb7be85911af74e69b18c69a5b8ebb3f6a62d51e1fa6863da7710136cc577475ad9621afc18a86caa504e3acbedf0f58450ba5dbb1001948081

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 354c135393c9f9fe3195734eaa4c9db7
SHA1 37ffa8322a4d6f0172dba60d0e0a709d48f3cf52
SHA256 1229c128656bd1b7ce3b1b4629706322c8027d01c3d3df9ddbec137fd3ddf8c0
SHA512 399c2f74da11741e2f7728932de2e9b307e7078994adea61a4f740c33264b1a0d6cba63fd861e256b39a1f6042dda7679ec698b66fbd4933c6e31e24e7a4873f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 0b5d490a9a2e1e18310c2872b425efe9
SHA1 f607277a3d82a89d9a47bca029c416c9c2ff3259
SHA256 c06732f1bf72b0787fe35a42941948980c0d1c3a6429df32a4675117d5d9c7f8
SHA512 7cba753dd7482b28fe20f50ba0bebd5039c2d3c2a8b62abf706e64d35e6e40132c7460b6607ff2eccf43ecbaece27bff5be90652538b15ed3d277ca317510398

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 c689529c19bde63fd748831964e9ecf9
SHA1 27157ce8ec1f86cc25ef593bd88fa2d90ed125e0
SHA256 b3379b7298ffbd6353497416f0e1a85a40a355f05a657ebc95f79a134ea7d820
SHA512 24242457abaed87363b8db9ebef08674861c343e610e6c69d1f630b16bf0eac8868944c255c97e4518095a9e2574afb042ba349a2fd357d4873afda2d26f1b38

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 43702d9ae5b30cf65d42dc2670809932
SHA1 c333b4bf8ef103ca05b536ec891167e679168e91
SHA256 d424105b663485b0d1f31221fc8e4a7340a3310e5af1ef92ca7a551aed891341
SHA512 ac7531c652f6af4b863fd0a3de0074f5e5ed9582d532f58ef354319e7ee00352a7d0f5b2a3d0354c40793fb1c13b2dfa31c1869b569264e6a1eb727905415ed1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

MD5 ac02a866e52f08ab2d9fd7f1c8b6def1
SHA1 6595b68bd2f234ea2f65ef94745e5aec7fb867e4
SHA256 bf9574e1dda18a8b4c8cc70fbc6bb3b4efed429d3c2be4d666f662fdefe06d7f
SHA512 51a6dcfb0b06072be78059f7a489464d5f38b33f8c2bb21392deafdc6035dba756eabf139c30d547b3dbd25b65500fff16a6f39b9f1118e2e1032838b718f661

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

MD5 6dbaf8dc0218fe2f25242dc13123fa00
SHA1 61fb7db70599e29a6e6c95f920856ac29fa86173
SHA256 2c30e6b3dcf0290eb5ff6a39625935c0ffd835d6309f88b99faf7440b08c4984
SHA512 a7c81386e6ed74707e5338b77cc209db6f0211d31d69131344d5c47ca3c1759325569c25255e5ff5f047d8d2b7496c55904c86d9ea516e1722a111ca94147ace

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

MD5 d31247d60361b8434d08ce6c713ae849
SHA1 5fcb582b3a0c8ae689d968f76dcaa871e6a649d7
SHA256 f858d9adce0600b84333f957bf047055b053f2013010a192b7562287a4ecfc19
SHA512 31ad87e04c7936ec3f764abf4c693acd0b55047a054c81899a15842f3954696edeadd2cc50c9c0a1084904092f0f2b4d784ea54bc20b989e2b053ef9f5acc30e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 fbeaa191a052e2f1b845cb2286bbf907
SHA1 7ea5c81f05f81bc5311e37b69b14c0b61ab033ac
SHA256 2205dfb9f488171606ec2dc4b8c69b5429d1deae3a3465a4ed492db166bcfc32
SHA512 59f7007f6fc070ae6729a8d747459720ba3f1efe9b1033e7b117b0a4521245534b95914c9948f462b1f3673c710f8096649c6ae30975d2923b5b5026cdf7f481

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 b26cf284034262a7ea5135542b0959a8
SHA1 eba21b2b08d1ebab5af2cc452e95756b7fc68fa5
SHA256 0c8dc03ad57f4e5358845cb7cf385cc30be7aab2c1f855eb41ee553e02638348
SHA512 c6125667df54f9efb7a7952d9dc2db5c39ff4e74bfdff2ac20e7522d7a7b94d0321be78bd9c312689718c3eaa849c7a06a448849065a5d9fa37d768c0ec2bce7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 c4b9480e91644337546c467d8cbc3d3e
SHA1 f61c6648e346e3061daf131f6410631f65b2f6a9
SHA256 1ddd001fbc6c23f354f0dd92a6b3bc7a99444b7d3a8930f18130ffea2b94df76
SHA512 000a88118ab3de60599e044b5b410f1ef3cbfc51ce7e1d49d87d9c9e5a904adfceb0776dac5f90f9f8618530877f9d058d04438a113e0f257c50ff6e775efa6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 d02d3a09dd4c63458e9761f774bc2333
SHA1 efdc35f71b4c764bc3f6ea834f9e1b7e32012d3f
SHA256 974ef2de272eec3b84cb59adeaff68def8c758ee157c005ccbdd7fcec48695a2
SHA512 03caedc82c2166b20149869eb30da721b4b7bd64d9a9eb98ce0888bcf0408f71cfe3f9ae371fec71ec2f5b009ed3304489e62142655026456d978effb10409b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 3e331d5dc579df6b2ed6aa2b2ae7ec27
SHA1 81cf933b91f4a50ad329d9ad48cb7f300c752349
SHA256 45618d3644d08e92c69bae6f7125f99f2ac1d8581563fa4eac6495d0194a6bcf
SHA512 41e4c2ef882a68060f2b3849dc64ee5061ca9d0892afb12a6d2832d0269681295fb418b158242827c451e1ea7d94b9a7276ad1f8cdac6bc9a1069d572f034569

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 35b21509ac6c279f67bc4b08f045db99
SHA1 7ba167dbe56a1116034f0c3d3eab030c87ee2679
SHA256 9323c645e90f8f3d239dc931cb882ad0cccf8661ea4f1e341dd7d5ca0983cd0c
SHA512 05a59a992f8484f40593da9db3f7a6d901fb819e4cdaff5cd3bd454c633afeac08f269f0eb06106b5da3044059038699861169d4a10c5a9494ef035faffde530

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 8a91c258da1a287f418fe9edce4d7139
SHA1 3f912a33cca95495c3a60f0a151e58cbed93ea8d
SHA256 cc94f5cbf94f03732bdbef2cb3eba0eeda02df62b265c96a2ab612e93249d257
SHA512 a327fbebc30941444875b684bbad0a97a8bb0aed784df8378ecad7d3a9386ef687b92b1ffc607a788766a61786e0aa8c64986362cd38961bcaa5c22044f97123

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000001

MD5 9776cb5c65e3fe76b219b84b0f3b4bd4
SHA1 de3d833fe499f379ff0e1ce7cc88a97b9a68a3e7
SHA256 f474b99ab1a3c5165b5d0b2c491b2dabce5b97c17d2451c3e3a25091f2b3b39a
SHA512 ea412c5687ac0449a28bb95ceed7f463f1a072793df5a987c6c3d33d5ebe3e6e09486b79f7660184a760bc0febc0759a0749af988db0a9ef3223bd53c9652b83

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000002

MD5 a64d32d35f08881fc241e1a54b1d9c62
SHA1 2543fc5865e2d7458fc24d55e0743b9276598bcd
SHA256 b22fa8fa318db9254464b589950eb3508cd35a798eea2588f03dfc13d663388a
SHA512 cdcef8619607fe1d776fe7f1810cde7119b1e1c601e30c0324884027ecb1f1c243f07d7ab973630a9bc17eee4328fa2853cac86fbf369cf00922220cc8279563

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000003

MD5 17f638eb36d922ef8061fdfc3e0f4f7d
SHA1 2175b3208b26e069bddb286cc0622d97e19e65ff
SHA256 63fce204e1e854e0ae58828355ad32bddfc360f339fbd373f0450d730f64bedf
SHA512 8889af15189e169701700272a9d4d1b2007f41d6c08259a7200df7e04bc50df8d0e8cb70a014892b2811ba1c6ca80ffecbc0960c3dd15ecf222515c2e767655d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000004

MD5 ba7dff0949245e64b2bafea2800848a6
SHA1 ef85a9796564b0cd90052f0145e1df12afdf5ce7
SHA256 9c5f811e3fc9c4744b4394128bf57e581cb9f7b17203cefcf8a099b39ee8e9a0
SHA512 bc301036228d59ce8bbeef49837c82146d3012f956a67751b1252efec9c675e5ac7fde7878a6e6218f21d3a6fe4cd4f4a2eb46c4847776cfcb87186e00252d4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000005

MD5 ed2b61fe38059d7d8afe7a1beb9d3b8e
SHA1 cc2890cfa48124d393cd19b73f979c7bcda41339
SHA256 b1d713eb4b96eade2ad7a2c9d7445c3efb8bed537aca8241947dba45192563de
SHA512 df7634c85bd10a1014b704e54409a6b213eedbddb8523dccd445e3f8ecefb1230f4c6290ea840c28b7a7fe083a01c61246d142ce34eb3383737eb9b3e9aba886

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

MD5 22597d0a7589bb53c1749f325713f7ae
SHA1 825ee183a68dde9b2eca17518f8ad97ce636156b
SHA256 d7f9e6da230fb7bec659db214fc31fb9c3ac39f33b70dc660eb3460384ec0f09
SHA512 6ea23921f763bac4c24ad3587e23fef674df8c67bca75e2c1aa9d416b2188d0295e56c6ae1855bf02b87c473212b09b79671af3031a5048f919fecbe2228e880

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13361444481116515

MD5 84224c944098980378df4a1bc22c964f
SHA1 67dece44a0472660294b60d77cf07bf58f99ab74
SHA256 bcabaf0df18d4feea69f32ec255c6e53cba11f382ab286897b7d4dab317dab3e
SHA512 c36a1baa444181768f1107a48fcdcd25dc99d91cb8771625f55624c5c5e95b09d95d31edd30152a890c79ae643b8f64307885db2523fdb620402e7d1e6e65a7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

MD5 f2e9102f4177c268cf292773fe3c3e59
SHA1 03e8952afc74506f799625aa30748833476e434c
SHA256 71a148476d02139f4db1ba6de4b8f4e94e133688f6d268066f55020514fae61b
SHA512 daa0605d896a50bd0126a7805cf47de651e2615d4dcbb8440380b550202277393f592f0b9f1f82eb93efb4b9c11705e041b76affde148e5f2aba77456af84b79

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

MD5 de9ef0c5bcc012a3a1131988dee272d8
SHA1 fa9ccbdc969ac9e1474fce773234b28d50951cd8
SHA256 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590
SHA512 cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7ed7fcecfba294f90e1cfb970050b537
SHA1 a5c34c669b6a2c73b867999563fb06236ab0658e
SHA256 5e4766d99cecd8941067d4534755701918b7fcceb1b8a760e11f9d2e3bd5c5df
SHA512 0904d7a6b5ade74b4288075ac3ab9ed9e95b12b8e5c889b256d7f5742b6e6030ef69a24d3f1d0009cdc78296eae69ed49e9036454b087227ff7056ae7ded562b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\2e23b444-33ba-4731-bfe3-a296fceb19aa.tmp

MD5 1de387b89e0cab399e6f37030355e73b
SHA1 65279c2082deb934779f9e7ad05d8e23f0c5059e
SHA256 2aeb5554cb3b7d0b37b3238a18f12406bab7f27a09b7f99ef726875a33c330d0
SHA512 8ca78145546b358e1c660e609c01fe0b359dfcabb47fff125e8599750ed642f00f0ef43b77a479b7cbb894adf885657f78aa3d498b89e27e4d9e9b6676dc64fe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 732c2eb39915a43e65b1866390435cc8
SHA1 46110b91bc556690b30a8b19c90ac9efa8937212
SHA256 1e029f31a0b465b2b5ca5fbf5584811047e597e7d02317e1f827819d5307012e
SHA512 dc540e29ea6383016f495d70ca24477fd501417d67e365d4ef447e9612096ab32bb64caf79af88d9bf04bc1318e4898f229ec4c4949d7fec1138b001dc6d6be2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 094c437466cc17a1dc1f1ea4c80d5eb1
SHA1 941bff3674812c7ce4780520fe7af97d692a93a0
SHA256 1ad125a1a814fc9e3c4bb6da74809723cbbe93786bdc3a63e0a529fa538ccb8a
SHA512 92dd473789c61418eb0ea3144baf7126efc86a7ddc718850b34d3a320a3779971e0a33aa373e9a9278a657d5069229dc32607b5c70a52ca47eac06e29587c753

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dec071afc947c525ef42923c7af671f2
SHA1 46300b0c0a55a0a7467a74283b94f02251435557
SHA256 85c3e118c92a0283345455640ed5b269783757607bf3f66dae215af033ce1e7d
SHA512 1a1f88be19b864285e4e810b3861bc3f6bd13e1fc0cc73e569f471a85f502a6d5df338b5010e211153d5e521dabd55796579ed636f05f72ddc6523a281576d78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2514e9313e9e8df61e049a2e7ccdc77a
SHA1 7f7651bf4334ec1035d0045c8155f8d4fb67a83f
SHA256 e478657f7bc79973aaf0e1672bea5655fa7470b5161af4cbb7a097c4489a119d
SHA512 6a2e18b9798104369d6fd3c1e786e8135762f6e15346ce6bd76b97d10d776b6623344198fd58f53c712d136a156aa28c9371a0518d9a6c770ec205c60cbd08c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f970596f783e7abbe34a53f745e4e8f7
SHA1 0c47821c0cd9a3fae7be49af9d9d1aad106bfe52
SHA256 ae6cbd22afef41df386f68e6a89688924462c6abbb7e7847b720e8f40ed2c8ea
SHA512 3c9ee820a8bbdeb0507ba855e9e14e0c58c918ede646fa7b9a583be11bf6256400f94c9ac90939d0d05e0dc6e415ca93622ea85611c5d7dbc640f3450e82f109

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 2cda42b3b0f46d575a4f606a96ad7e47
SHA1 cb307607497895247a82cd7c4bcfd6f2df314140
SHA256 9b73b720ffa26680e60bdb7742ec95553087d39127dae8d6efd03f52e639f345
SHA512 1bcbaa9921727b4fdadff522b69869e6e03030e4e254e8f958afb32e67e7e6f6445caf1f2675c84d8b95c09872a3f35ab8ebf36cf846ac8dc2c254dcc3659a20

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b39543be-0ab4-4337-932f-2e4c4f8a337c.tmp

MD5 b009577332fcfd0b0c4e1bf5c3bc0058
SHA1 bc22e8496223e4b1cd9b5f21c7d73f94325797f8
SHA256 c037a994291652ea318a612b2154fb15a0d011bd1c22198050b57f8fc799da5f
SHA512 0797aab039b4032c52f93d16aae34994b25edfb64b5cbd36d8aed1b9e145681341c603258f857f27d0d6caabcbb40d15a309aa46d2c412dcd7186e10901080f4

C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\Projects\Projects.json

MD5 430ea5a2e2078a360d37381636eb1e59
SHA1 55a8d4c1fc60f6d87434173da6a8e6af2800d523
SHA256 665237a68f784ebc3c3615fab92399b91473f0b64a10e0dc884d65af69ee2faf
SHA512 edbeb4ec74e60a3341a76506a46c080a1fc71ad5299cd1c688cdbbc60cf6facfe2c94e061a3d2d5bf7ee205ac1334d6f0781e3e4dcd383a46e48427d4cce6b33

C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\cloudCommunitySettings.json

MD5 404a3ec24e3ebf45be65e77f75990825
SHA1 1e05647cf0a74cedfdeabfa3e8ee33b919780a61
SHA256 cc45905af3aaa62601a69c748a06a2fa48eca3b28d44d8ec18764a7e8e4c3da2
SHA512 a55382b72267375821b0a229d3529ed54cef0f295f550d1e95661bafccec606aa1cd72e059d37d78e7d2927ae72e2919941251d233152f5eeb32ffdfc96023e5