Malware Analysis Report

2025-01-19 00:27

Sample ID 240529-vxb3lsca2y
Target https://freecoleg.site/+_O0nckh1i4jidKF
Tags
score
10/10

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://freecoleg.site/+_O0nckh1i4jidKF was found to be: Known bad.

Malicious Activity Summary


Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-05-29 17:21

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-05-29 17:21

Reported

2024-05-29 17:24

Platform

win10v2004-20240508-es

Max time kernel

150s

Max time network

153s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://freecoleg.site/+_O0nckh1i4jidKF

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133614769300874831" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2184 wrote to memory of 5072 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2184 wrote to memory of 912 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2184 wrote to memory of 4012 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2184 wrote to memory of 2940 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://freecoleg.site/+_O0nckh1i4jidKF

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbeb76ab58,0x7ffbeb76ab68,0x7ffbeb76ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3064 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4428 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4704 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4700 --field-trial-handle=1872,i,13709087563938590725,4794399072282976802,131072 /prefetch:2

Network

Files

\??\pipe\crashpad_2184_GQWTZGGHMTUTPJGP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_freecoleg.site_0.indexeddb.leveldb\CURRENT

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt~RFe57bb22.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\832ec4e50d222bcc_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\4692d70ac748dddb_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5808e4.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\6b11ca6b-78a3-41e2-a6a3-c79f3f2e800f\index-dir\the-real-index~RFe582b60.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt

C:\Users\Admin\AppData\Roaming\Microsoft\Spelling\en-US\default.dic

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe593aae.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\74989de41ee8362592c7bccf8cbda138283600c9\a41ab738-c216-45bf-b866-a459004bacba\index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8c830b32c6a2e9c2_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0
