Analysis Overview
Threat Level: Shows suspicious behavior
The file https://github.com/doenerium6969/doenerium-fixed was found to be: Shows suspicious behavior.
Malicious Activity Summary
Legitimate hosting services abused for malware hosting/C2
Modifies data under HKEY_USERS
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Enumerates system info in registry
Suspicious behavior: AddClipboardFormatListener
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-29 08:21
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-29 08:21
Reported
2024-05-29 08:26
Platform
win10-20240404-en
Max time kernel
195s
Max time network
301s
Command Line
Signatures
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
| N/A | camo.githubusercontent.com | N/A | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133614444838014038" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History\CacheLimit = "1" | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content\CachePrefix | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CacheLimit = "1" | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History\CachePrefix = "Visited:" | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Extensible Cache | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Content\CacheLimit = "51200" | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Set value (str) | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:" | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3699363923-1875576828-3287151903-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.mspaint_8wekyb3d8bbwe\Internet Settings\Cache\History | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\mspaint.exe | N/A |
| N/A | N/A | C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/doenerium6969/doenerium-fixed
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xcc,0xd0,0xd4,0xa8,0xd8,0x7ff887b89758,0x7ff887b89768,0x7ff887b89778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1932 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2096 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2864 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2872 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3780 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4748 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1756,i,3846892654945730472,8552427793700538393,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\install.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\install.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\fix.bat" "
C:\Windows\System32\NOTEPAD.EXE
"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\doenerium-fixed-main\install.bat
C:\Windows\System32\NOTEPAD.EXE
"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\doenerium-fixed-main\build.bat
C:\Windows\System32\NOTEPAD.EXE
"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "
C:\Windows\system32\cmd.exe
C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\doenerium-fixed-main\setup.bat" "
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xd0,0xd4,0xd8,0xac,0xdc,0x7ff887b89758,0x7ff887b89768,0x7ff887b89778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1668 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2016 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2068 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3108 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3232 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4504 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4652 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4752 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4884 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5044 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5352 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4496 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5364 --field-trial-handle=1740,i,13916822936171667228,9700129391536146191,131072 /prefetch:1
C:\Windows\system32\mspaint.exe
"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\Desktop\doenerium-fixed-main\screenshots\1.png" /ForceBootstrapPaint3D
C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
"C:\Program Files\WindowsApps\Microsoft.MSPaint_1.1702.28017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe" -ServerName:Microsoft.MSPaint.AppX437q68k2qc2asvaagas2prv9tjej6ja9.mca
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.108.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | camo.githubusercontent.com | udp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 185.199.108.133:443 | camo.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | 154.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.108.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| FR | 142.250.178.138:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | 138.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| FR | 142.250.178.138:443 | content-autofill.googleapis.com | udp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 185.199.108.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | 21.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 8.8.8.8:53 | codeload.github.com | udp |
| GB | 20.26.156.216:443 | codeload.github.com | tcp |
| US | 8.8.8.8:53 | 216.156.26.20.in-addr.arpa | udp |
| US | 20.231.121.79:80 | N/A | tcp |
| US | 8.8.8.8:53 | 131.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| FR | 172.217.20.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 196.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 163.214.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| FR | 142.250.178.142:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 142.178.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| FR | 172.217.20.174:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| FR | 216.58.213.78:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 174.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 78.213.58.216.in-addr.arpa | udp |
| FR | 172.217.20.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 67.214.58.216.in-addr.arpa | udp |
| FR | 142.250.178.142:443 | apis.google.com | udp |
| FR | 172.217.20.174:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 162.20.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.219.191.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 88.210.23.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 43.229.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 18.173.189.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 83.210.23.2.in-addr.arpa | udp |
Files
\??\pipe\crashpad_2448_QGYHBVFDZVGFBBZF
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\Downloads\doenerium-fixed-main.zip
| MD5 | 4d00748da35862747e574178ca73072f |
| SHA1 | cae0571ee744d98ba987dd01c03f5074683faee5 |
| SHA256 | 4cd1f379313a39a3947c35cd1d6dafa5bcaefab5ad2b55af8d76fdeb416cc7ad |
| SHA512 | f7f3190b8c19e91381be7853875d553c1d69e1b070b00e657a0ea2b24add04343f80ce6ae7c29641e4b2f346d94d2908edb23f4a6b4e88d8780aad8c7aa9b9a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 3910c5d93678746065cd687627be4820 |
| SHA1 | ce2ff670fe060bdd729642b841f4aabac1ee1df7 |
| SHA256 | 8f6fc5dd012a13cdb51a9ae97b71deb2de3fb1ec17b59fede35ab720e29fd04f |
| SHA512 | 46b31b2a72bb56ff6ef71387bbdb87282caea9ab531b045707617761971dd80176b09947d99fcc2daf93f5af0ee841a0fe6e5f9169e2b371ce87f13af9d49e19 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | eb187f3bcb8c6833e3dddb3e0bcf60d6 |
| SHA1 | 9f12b0a5e264c6a5538df82799cbca8940707fd6 |
| SHA256 | b5acc9c3d4e72a1e2a4385cc17a3dcfc8732cfb9cb5bbe8bcbab74f1594083a7 |
| SHA512 | d03bbff609bfea28518586099a58b6fa87aeaa7edd279e81508a22a527b9df22fd383d10c3f196e74d33a58963d6203b31692e82e5f299dd6225063ed3e0bd89 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 6dfd5f213d277435fedaec9889984773 |
| SHA1 | 4acf61dcdd0c5cced40157576e43b5f678b79166 |
| SHA256 | 543e69ad0730287f50a1a6d0f98baf66204edb8ff4683f6ace8dcef6a0e5a333 |
| SHA512 | ba993f7761b12eb2c08d5eec92ac392b6feaedc849ad27c9ccaac1dd5265d8f9bb568d72e8a6b40fac0bcc7e44c41c1ef13675b13dd0cb083bb56ae8c5124ddc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 1ffcf807f42add750ae6186bd2aff378 |
| SHA1 | 6def88c23c7a582c781fc82374f8bf2a1e289453 |
| SHA256 | 39fadc2ac9f3b0073518cfa219e2fd61853758a1bff814037416d4a034cc9a73 |
| SHA512 | 4652213c2ee66a3350e19a15f577bfef727b21f6163004d3c74b7539c370ae85caac22c4d55e7c601af5f71b9b9c78a73fb5a799198c359221771a8726e3aec0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | e929bb64e87f995d2b2a6d17eb19626a |
| SHA1 | bd1ed1cb71c75e46f5ca910bd820ecc118da1746 |
| SHA256 | 09aca54832c54e956539a9fbdcfb943923ace9af541adf94c2f02dadae330c75 |
| SHA512 | 24f733aa0d8d213becc8085a97984b15c6082e365ecc17011c0920ac24342737eb331956540b340b30f0f1673f1584d4ade445b3a8ed7fc22a79e8c1eadf2861 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | c64929d71f8769929406b672778db163 |
| SHA1 | 9dcbf05f8029ec6263ec43b6958a54626adb62d1 |
| SHA256 | b8d3e55babd999d4d2ada4cdae8d09b2b34321266395960c07ec811d08b91a0a |
| SHA512 | 9ce6eaea812713c9dc9de55875f5899b21b34e2fd09666590f0a4b3a4c6b3dcce382c5c1e73e01f4066c4b99024cda816ddb324701deabf2756c76e6f5977332 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | 961e3604f228b0d10541ebf921500c86 |
| SHA1 | 6e00570d9f78d9cfebe67d4da5efe546543949a7 |
| SHA256 | f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed |
| SHA512 | 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | 9eae63c7a967fc314dd311d9f46a45b7 |
| SHA1 | caba9c2c93acfe0b9ceb9ab19b992b0fc19c71cf |
| SHA256 | 4288925b0cf871c7458c22c46936efb0e903802feb991a0e1803be94ca6c251d |
| SHA512 | bed924bff236bf5b6ce1df1db82e86c935e5830a20d9d24697efd82ca331e30604db8d04b0d692ec8541ec6deb2225bcc7d805b79f2db5726642198ecf6348b8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
| MD5 | 63f276a675bdc575820c3985a1dc1d0c |
| SHA1 | 7a5cdee22af117418c75d3cec1f0853dcc22be14 |
| SHA256 | a673797553be70c55b67334dc52f3e977a96a41ff49dcb21a2ae7c298300707a |
| SHA512 | 50d4ae4e2ec0925d7c767f5240688921c0a8dae59e85be51981552fed3ab839ad99c34085da3405f3d158a23e5cffd2400d548149b64602d28780a60828fd7e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\000003.log
| MD5 | 5d9bf818f3b476eada94a2125820234a |
| SHA1 | 7e872883d7b58991cf5f593be49a8c0fc9429998 |
| SHA256 | 79489fb59120fe1e6fda9adae9abe238e5a78df54974c176b23d7837e0a2cf79 |
| SHA512 | 12a39cbcbf87496803a660fc3c74c54e29cc5a0ca79ed151081c61bcee618e49e8306af4c933d1efe01fb2d4e5dc8a6c5f58e42d3c837587010c805bfcd95f89 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
| MD5 | ef13c3af85c794fe036c1ee5d94fed91 |
| SHA1 | 3034fc7283976d05fa1152a7cd60cc92fdfe8483 |
| SHA256 | d4c9e60f584e02269b7c1c7837ee9480c5371bb86566ac288a042aa71bbf9682 |
| SHA512 | 8b591edab4d24199b321f6d1cb6357d01ca7258e83748cd81b0d88a062858a025bc87d01dd1f9c1ffba3d82a569f98957fbb989c56708e00e2f03a42a512cdd0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
| MD5 | 9079226d2b1b999d16a7e7ea4b7136e9 |
| SHA1 | 5d85b3c13516105cafc722d320c6ecd30a414a61 |
| SHA256 | b7064b22366097213c47a7b7f758378d927025442eff43b7dcfcbb0988a5f30b |
| SHA512 | e6ae8772a7b8ce3cafba9e36bab93283589c49aa2ef6d7363de58f7d263c72d96f1f14440eff9be0ffb4829829a04deb8b4e491b9136efa05eff65202b17aa7e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13361444488357515
| MD5 | 1965e1fbb9bac574445b8dc8524ff216 |
| SHA1 | 6bda31914e51f3ae07f381b9d040d895484b2d4f |
| SHA256 | 04214deb6c26cfa031c6a4642b9f90b422fe14e012b18db6274f00f390b2ce9b |
| SHA512 | 0ab2a56636f135404d3d61abc906cbadb862f9bba6de6dded7451cae95baf946b1ca573cd6f0b54cd14484a8ad62dc53ec201a2fd2d9097d324bf5fbb7ebf9b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links
| MD5 | 1ec347267124d1a859c5cda03659faaf |
| SHA1 | b29683af47d4d774a30b676f65eaaef23165a715 |
| SHA256 | da2dfcf3cf40083e04c6b3e44cef5aa859714be719b2adb7881b88bb7199d50d |
| SHA512 | feeefe697e30444b4eb5cd7050c9552ac4bfbd11ce9718a553eb23f48c49fc32111c4fcc04252226faffeef5800aba98ac9fbe1853ee35201b58448d84863bf6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
| MD5 | a50e3b99572f303cd907a5c3c4802a37 |
| SHA1 | 5d3bd275bcbce0cec08f9e4f047a65c29c8e6710 |
| SHA256 | f950ee69d63c33140bdab8ffd6368210608333c58bfa9c5baae3722fa2607d97 |
| SHA512 | d7f7336ebff1e0babeec67f68c185007467f24822f0a43e2f286a71566ac7721d1e4e871e20968a63b671fe4375af4319d410591985ab4f0c08090ced1a19724 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
| MD5 | 1a538e6e8808593e8b1b2a7bfb502e75 |
| SHA1 | bb8dc80030de5a4328eace548705b38154ab8fe8 |
| SHA256 | fed5fd98603ea39883def22f4ed20d59dd2a4e6b2d740224c79ecd620a4714d7 |
| SHA512 | 98340a5ad67223448498386971636cc3da270253001b29b9e23f0c7250e1bcc62272935f68b2353c7f75fe28033ed8e0b4b623fb7976f447d444089bf8951ac8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
| MD5 | 3917be26217f3a3d1aef7abc0bd05f1a |
| SHA1 | 4a65f577ec5528970e6f684b1fb47b3238f3869b |
| SHA256 | 1fe1131cb3c2750f91cef4e867f2b1bb54fb46239efb00dd54165bd2f58e32a4 |
| SHA512 | 1050a742a71fb322e630a10ac40dae65e791c753f87f2d4e811f6db067947fc1be71ba40fe18ddc646f10e5931b64f11b135a270e677d395a7fb4b5068e97eb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
| MD5 | 09a4b234ee3547169ef0b63f16f2e278 |
| SHA1 | 1ee3f80d6a1b851ce9227ae263a4a2425a5be3b3 |
| SHA256 | c14072d77e6c8ddb3d16d9b24b76bc09fcd9607845ff8f1a29734cd3ba86fd17 |
| SHA512 | 1cdef1967a87dcb7be85911af74e69b18c69a5b8ebb3f6a62d51e1fa6863da7710136cc577475ad9621afc18a86caa504e3acbedf0f58450ba5dbb1001948081 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 354c135393c9f9fe3195734eaa4c9db7 |
| SHA1 | 37ffa8322a4d6f0172dba60d0e0a709d48f3cf52 |
| SHA256 | 1229c128656bd1b7ce3b1b4629706322c8027d01c3d3df9ddbec137fd3ddf8c0 |
| SHA512 | 399c2f74da11741e2f7728932de2e9b307e7078994adea61a4f740c33264b1a0d6cba63fd861e256b39a1f6042dda7679ec698b66fbd4933c6e31e24e7a4873f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | 0b5d490a9a2e1e18310c2872b425efe9 |
| SHA1 | f607277a3d82a89d9a47bca029c416c9c2ff3259 |
| SHA256 | c06732f1bf72b0787fe35a42941948980c0d1c3a6429df32a4675117d5d9c7f8 |
| SHA512 | 7cba753dd7482b28fe20f50ba0bebd5039c2d3c2a8b62abf706e64d35e6e40132c7460b6607ff2eccf43ecbaece27bff5be90652538b15ed3d277ca317510398 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | c689529c19bde63fd748831964e9ecf9 |
| SHA1 | 27157ce8ec1f86cc25ef593bd88fa2d90ed125e0 |
| SHA256 | b3379b7298ffbd6353497416f0e1a85a40a355f05a657ebc95f79a134ea7d820 |
| SHA512 | 24242457abaed87363b8db9ebef08674861c343e610e6c69d1f630b16bf0eac8868944c255c97e4518095a9e2574afb042ba349a2fd357d4873afda2d26f1b38 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
| MD5 | 43702d9ae5b30cf65d42dc2670809932 |
| SHA1 | c333b4bf8ef103ca05b536ec891167e679168e91 |
| SHA256 | d424105b663485b0d1f31221fc8e4a7340a3310e5af1ef92ca7a551aed891341 |
| SHA512 | ac7531c652f6af4b863fd0a3de0074f5e5ed9582d532f58ef354319e7ee00352a7d0f5b2a3d0354c40793fb1c13b2dfa31c1869b569264e6a1eb727905415ed1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
| MD5 | ac02a866e52f08ab2d9fd7f1c8b6def1 |
| SHA1 | 6595b68bd2f234ea2f65ef94745e5aec7fb867e4 |
| SHA256 | bf9574e1dda18a8b4c8cc70fbc6bb3b4efed429d3c2be4d666f662fdefe06d7f |
| SHA512 | 51a6dcfb0b06072be78059f7a489464d5f38b33f8c2bb21392deafdc6035dba756eabf139c30d547b3dbd25b65500fff16a6f39b9f1118e2e1032838b718f661 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
| MD5 | 6dbaf8dc0218fe2f25242dc13123fa00 |
| SHA1 | 61fb7db70599e29a6e6c95f920856ac29fa86173 |
| SHA256 | 2c30e6b3dcf0290eb5ff6a39625935c0ffd835d6309f88b99faf7440b08c4984 |
| SHA512 | a7c81386e6ed74707e5338b77cc209db6f0211d31d69131344d5c47ca3c1759325569c25255e5ff5f047d8d2b7496c55904c86d9ea516e1722a111ca94147ace |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
| MD5 | d31247d60361b8434d08ce6c713ae849 |
| SHA1 | 5fcb582b3a0c8ae689d968f76dcaa871e6a649d7 |
| SHA256 | f858d9adce0600b84333f957bf047055b053f2013010a192b7562287a4ecfc19 |
| SHA512 | 31ad87e04c7936ec3f764abf4c693acd0b55047a054c81899a15842f3954696edeadd2cc50c9c0a1084904092f0f2b4d784ea54bc20b989e2b053ef9f5acc30e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
| MD5 | fbeaa191a052e2f1b845cb2286bbf907 |
| SHA1 | 7ea5c81f05f81bc5311e37b69b14c0b61ab033ac |
| SHA256 | 2205dfb9f488171606ec2dc4b8c69b5429d1deae3a3465a4ed492db166bcfc32 |
| SHA512 | 59f7007f6fc070ae6729a8d747459720ba3f1efe9b1033e7b117b0a4521245534b95914c9948f462b1f3673c710f8096649c6ae30975d2923b5b5026cdf7f481 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
| MD5 | b26cf284034262a7ea5135542b0959a8 |
| SHA1 | eba21b2b08d1ebab5af2cc452e95756b7fc68fa5 |
| SHA256 | 0c8dc03ad57f4e5358845cb7cf385cc30be7aab2c1f855eb41ee553e02638348 |
| SHA512 | c6125667df54f9efb7a7952d9dc2db5c39ff4e74bfdff2ac20e7522d7a7b94d0321be78bd9c312689718c3eaa849c7a06a448849065a5d9fa37d768c0ec2bce7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
| MD5 | c4b9480e91644337546c467d8cbc3d3e |
| SHA1 | f61c6648e346e3061daf131f6410631f65b2f6a9 |
| SHA256 | 1ddd001fbc6c23f354f0dd92a6b3bc7a99444b7d3a8930f18130ffea2b94df76 |
| SHA512 | 000a88118ab3de60599e044b5b410f1ef3cbfc51ce7e1d49d87d9c9e5a904adfceb0776dac5f90f9f8618530877f9d058d04438a113e0f257c50ff6e775efa6f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | d02d3a09dd4c63458e9761f774bc2333 |
| SHA1 | efdc35f71b4c764bc3f6ea834f9e1b7e32012d3f |
| SHA256 | 974ef2de272eec3b84cb59adeaff68def8c758ee157c005ccbdd7fcec48695a2 |
| SHA512 | 03caedc82c2166b20149869eb30da721b4b7bd64d9a9eb98ce0888bcf0408f71cfe3f9ae371fec71ec2f5b009ed3304489e62142655026456d978effb10409b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
| MD5 | 3e331d5dc579df6b2ed6aa2b2ae7ec27 |
| SHA1 | 81cf933b91f4a50ad329d9ad48cb7f300c752349 |
| SHA256 | 45618d3644d08e92c69bae6f7125f99f2ac1d8581563fa4eac6495d0194a6bcf |
| SHA512 | 41e4c2ef882a68060f2b3849dc64ee5061ca9d0892afb12a6d2832d0269681295fb418b158242827c451e1ea7d94b9a7276ad1f8cdac6bc9a1069d572f034569 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 35b21509ac6c279f67bc4b08f045db99 |
| SHA1 | 7ba167dbe56a1116034f0c3d3eab030c87ee2679 |
| SHA256 | 9323c645e90f8f3d239dc931cb882ad0cccf8661ea4f1e341dd7d5ca0983cd0c |
| SHA512 | 05a59a992f8484f40593da9db3f7a6d901fb819e4cdaff5cd3bd454c633afeac08f269f0eb06106b5da3044059038699861169d4a10c5a9494ef035faffde530 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 8a91c258da1a287f418fe9edce4d7139 |
| SHA1 | 3f912a33cca95495c3a60f0a151e58cbed93ea8d |
| SHA256 | cc94f5cbf94f03732bdbef2cb3eba0eeda02df62b265c96a2ab612e93249d257 |
| SHA512 | a327fbebc30941444875b684bbad0a97a8bb0aed784df8378ecad7d3a9386ef687b92b1ffc607a788766a61786e0aa8c64986362cd38961bcaa5c22044f97123 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000001
| MD5 | 9776cb5c65e3fe76b219b84b0f3b4bd4 |
| SHA1 | de3d833fe499f379ff0e1ce7cc88a97b9a68a3e7 |
| SHA256 | f474b99ab1a3c5165b5d0b2c491b2dabce5b97c17d2451c3e3a25091f2b3b39a |
| SHA512 | ea412c5687ac0449a28bb95ceed7f463f1a072793df5a987c6c3d33d5ebe3e6e09486b79f7660184a760bc0febc0759a0749af988db0a9ef3223bd53c9652b83 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000002
| MD5 | a64d32d35f08881fc241e1a54b1d9c62 |
| SHA1 | 2543fc5865e2d7458fc24d55e0743b9276598bcd |
| SHA256 | b22fa8fa318db9254464b589950eb3508cd35a798eea2588f03dfc13d663388a |
| SHA512 | cdcef8619607fe1d776fe7f1810cde7119b1e1c601e30c0324884027ecb1f1c243f07d7ab973630a9bc17eee4328fa2853cac86fbf369cf00922220cc8279563 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000003
| MD5 | 17f638eb36d922ef8061fdfc3e0f4f7d |
| SHA1 | 2175b3208b26e069bddb286cc0622d97e19e65ff |
| SHA256 | 63fce204e1e854e0ae58828355ad32bddfc360f339fbd373f0450d730f64bedf |
| SHA512 | 8889af15189e169701700272a9d4d1b2007f41d6c08259a7200df7e04bc50df8d0e8cb70a014892b2811ba1c6ca80ffecbc0960c3dd15ecf222515c2e767655d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000004
| MD5 | ba7dff0949245e64b2bafea2800848a6 |
| SHA1 | ef85a9796564b0cd90052f0145e1df12afdf5ce7 |
| SHA256 | 9c5f811e3fc9c4744b4394128bf57e581cb9f7b17203cefcf8a099b39ee8e9a0 |
| SHA512 | bc301036228d59ce8bbeef49837c82146d3012f956a67751b1252efec9c675e5ac7fde7878a6e6218f21d3a6fe4cd4f4a2eb46c4847776cfcb87186e00252d4e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\f_000005
| MD5 | ed2b61fe38059d7d8afe7a1beb9d3b8e |
| SHA1 | cc2890cfa48124d393cd19b73f979c7bcda41339 |
| SHA256 | b1d713eb4b96eade2ad7a2c9d7445c3efb8bed537aca8241947dba45192563de |
| SHA512 | df7634c85bd10a1014b704e54409a6b213eedbddb8523dccd445e3f8ecefb1230f4c6290ea840c28b7a7fe083a01c61246d142ce34eb3383737eb9b3e9aba886 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
| MD5 | 22597d0a7589bb53c1749f325713f7ae |
| SHA1 | 825ee183a68dde9b2eca17518f8ad97ce636156b |
| SHA256 | d7f9e6da230fb7bec659db214fc31fb9c3ac39f33b70dc660eb3460384ec0f09 |
| SHA512 | 6ea23921f763bac4c24ad3587e23fef674df8c67bca75e2c1aa9d416b2188d0295e56c6ae1855bf02b87c473212b09b79671af3031a5048f919fecbe2228e880 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13361444481116515
| MD5 | 84224c944098980378df4a1bc22c964f |
| SHA1 | 67dece44a0472660294b60d77cf07bf58f99ab74 |
| SHA256 | bcabaf0df18d4feea69f32ec255c6e53cba11f382ab286897b7d4dab317dab3e |
| SHA512 | c36a1baa444181768f1107a48fcdcd25dc99d91cb8771625f55624c5c5e95b09d95d31edd30152a890c79ae643b8f64307885db2523fdb620402e7d1e6e65a7b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
| MD5 | f2e9102f4177c268cf292773fe3c3e59 |
| SHA1 | 03e8952afc74506f799625aa30748833476e434c |
| SHA256 | 71a148476d02139f4db1ba6de4b8f4e94e133688f6d268066f55020514fae61b |
| SHA512 | daa0605d896a50bd0126a7805cf47de651e2615d4dcbb8440380b550202277393f592f0b9f1f82eb93efb4b9c11705e041b76affde148e5f2aba77456af84b79 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser
| MD5 | de9ef0c5bcc012a3a1131988dee272d8 |
| SHA1 | fa9ccbdc969ac9e1474fce773234b28d50951cd8 |
| SHA256 | 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590 |
| SHA512 | cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 7ed7fcecfba294f90e1cfb970050b537 |
| SHA1 | a5c34c669b6a2c73b867999563fb06236ab0658e |
| SHA256 | 5e4766d99cecd8941067d4534755701918b7fcceb1b8a760e11f9d2e3bd5c5df |
| SHA512 | 0904d7a6b5ade74b4288075ac3ab9ed9e95b12b8e5c889b256d7f5742b6e6030ef69a24d3f1d0009cdc78296eae69ed49e9036454b087227ff7056ae7ded562b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\2e23b444-33ba-4731-bfe3-a296fceb19aa.tmp
| MD5 | 1de387b89e0cab399e6f37030355e73b |
| SHA1 | 65279c2082deb934779f9e7ad05d8e23f0c5059e |
| SHA256 | 2aeb5554cb3b7d0b37b3238a18f12406bab7f27a09b7f99ef726875a33c330d0 |
| SHA512 | 8ca78145546b358e1c660e609c01fe0b359dfcabb47fff125e8599750ed642f00f0ef43b77a479b7cbb894adf885657f78aa3d498b89e27e4d9e9b6676dc64fe |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 732c2eb39915a43e65b1866390435cc8 |
| SHA1 | 46110b91bc556690b30a8b19c90ac9efa8937212 |
| SHA256 | 1e029f31a0b465b2b5ca5fbf5584811047e597e7d02317e1f827819d5307012e |
| SHA512 | dc540e29ea6383016f495d70ca24477fd501417d67e365d4ef447e9612096ab32bb64caf79af88d9bf04bc1318e4898f229ec4c4949d7fec1138b001dc6d6be2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | 094c437466cc17a1dc1f1ea4c80d5eb1 |
| SHA1 | 941bff3674812c7ce4780520fe7af97d692a93a0 |
| SHA256 | 1ad125a1a814fc9e3c4bb6da74809723cbbe93786bdc3a63e0a529fa538ccb8a |
| SHA512 | 92dd473789c61418eb0ea3144baf7126efc86a7ddc718850b34d3a320a3779971e0a33aa373e9a9278a657d5069229dc32607b5c70a52ca47eac06e29587c753 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | dec071afc947c525ef42923c7af671f2 |
| SHA1 | 46300b0c0a55a0a7467a74283b94f02251435557 |
| SHA256 | 85c3e118c92a0283345455640ed5b269783757607bf3f66dae215af033ce1e7d |
| SHA512 | 1a1f88be19b864285e4e810b3861bc3f6bd13e1fc0cc73e569f471a85f502a6d5df338b5010e211153d5e521dabd55796579ed636f05f72ddc6523a281576d78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2514e9313e9e8df61e049a2e7ccdc77a |
| SHA1 | 7f7651bf4334ec1035d0045c8155f8d4fb67a83f |
| SHA256 | e478657f7bc79973aaf0e1672bea5655fa7470b5161af4cbb7a097c4489a119d |
| SHA512 | 6a2e18b9798104369d6fd3c1e786e8135762f6e15346ce6bd76b97d10d776b6623344198fd58f53c712d136a156aa28c9371a0518d9a6c770ec205c60cbd08c4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | f970596f783e7abbe34a53f745e4e8f7 |
| SHA1 | 0c47821c0cd9a3fae7be49af9d9d1aad106bfe52 |
| SHA256 | ae6cbd22afef41df386f68e6a89688924462c6abbb7e7847b720e8f40ed2c8ea |
| SHA512 | 3c9ee820a8bbdeb0507ba855e9e14e0c58c918ede646fa7b9a583be11bf6256400f94c9ac90939d0d05e0dc6e415ca93622ea85611c5d7dbc640f3450e82f109 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 2cda42b3b0f46d575a4f606a96ad7e47 |
| SHA1 | cb307607497895247a82cd7c4bcfd6f2df314140 |
| SHA256 | 9b73b720ffa26680e60bdb7742ec95553087d39127dae8d6efd03f52e639f345 |
| SHA512 | 1bcbaa9921727b4fdadff522b69869e6e03030e4e254e8f958afb32e67e7e6f6445caf1f2675c84d8b95c09872a3f35ab8ebf36cf846ac8dc2c254dcc3659a20 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\b39543be-0ab4-4337-932f-2e4c4f8a337c.tmp
| MD5 | b009577332fcfd0b0c4e1bf5c3bc0058 |
| SHA1 | bc22e8496223e4b1cd9b5f21c7d73f94325797f8 |
| SHA256 | c037a994291652ea318a612b2154fb15a0d011bd1c22198050b57f8fc799da5f |
| SHA512 | 0797aab039b4032c52f93d16aae34994b25edfb64b5cbd36d8aed1b9e145681341c603258f857f27d0d6caabcbb40d15a309aa46d2c412dcd7186e10901080f4 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\Projects\Projects.json
| MD5 | 430ea5a2e2078a360d37381636eb1e59 |
| SHA1 | 55a8d4c1fc60f6d87434173da6a8e6af2800d523 |
| SHA256 | 665237a68f784ebc3c3615fab92399b91473f0b64a10e0dc884d65af69ee2faf |
| SHA512 | edbeb4ec74e60a3341a76506a46c080a1fc71ad5299cd1c688cdbbc60cf6facfe2c94e061a3d2d5bf7ee205ac1334d6f0781e3e4dcd383a46e48427d4cce6b33 |
C:\Users\Admin\AppData\Local\Packages\Microsoft.MSPaint_8wekyb3d8bbwe\LocalState\cloudCommunitySettings.json
| MD5 | 404a3ec24e3ebf45be65e77f75990825 |
| SHA1 | 1e05647cf0a74cedfdeabfa3e8ee33b919780a61 |
| SHA256 | cc45905af3aaa62601a69c748a06a2fa48eca3b28d44d8ec18764a7e8e4c3da2 |
| SHA512 | a55382b72267375821b0a229d3529ed54cef0f295f550d1e95661bafccec606aa1cd72e059d37d78e7d2927ae72e2919941251d233152f5eeb32ffdfc96023e5 |