Analysis Overview
SHA256
3203d4e4c83c28e405e23523d7075cf0c89be92579dc4cc3bbd6846136bd6b2e
Threat Level: Likely benign
The file Dominios SPAM.txt was found to be: Likely benign.
Malicious Activity Summary
Drops file in Windows directory
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-05-31 15:47
Signatures
Analysis: behavioral2
Detonation Overview
Submitted
2024-05-31 15:47
Reported
2024-05-31 15:53
Platform
win10v2004-20240226-en
Max time kernel
303s
Max time network
305s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133616441454382226" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\Dominios SPAM.txt"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=4092 --field-trial-handle=2744,i,16362475727591565961,3676688664819797550,262144 --variations-seed-version /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff82d7d9758,0x7ff82d7d9768,0x7ff82d7d9778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1940 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2292 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3252 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3272 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4704 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4820 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4940 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5168 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5280 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5608 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4896 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2660 --field-trial-handle=2004,i,13843051845436303829,16195083071152774299,131072 /prefetch:2
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 152.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 95.221.229.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 133.211.185.52.in-addr.arpa | udp |
| GB | 172.217.169.74:443 | | tcp |
| US | 8.8.8.8:53 | 172.210.232.199.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 50.23.12.20.in-addr.arpa | udp |
| US | 13.107.253.64:443 | | tcp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 149.220.183.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 28.118.140.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 183.142.211.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | nam10.safelinks.protection.outlook.com | udp |
| US | 104.47.55.28:443 | nam10.safelinks.protection.outlook.com | tcp |
| US | 104.47.55.28:443 | nam10.safelinks.protection.outlook.com | tcp |
| US | 104.47.55.28:443 | nam10.safelinks.protection.outlook.com | tcp |
| US | 8.8.8.8:53 | 28.55.47.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | docdro.id | udp |
| DE | 54.37.79.95:443 | docdro.id | tcp |
| US | 8.8.8.8:53 | www.docdroid.com | udp |
| DE | 54.37.79.95:443 | www.docdroid.com | tcp |
| DE | 54.37.79.95:443 | www.docdroid.com | udp |
| US | 8.8.8.8:53 | s.lunaweb.cloud | udp |
| DE | 141.95.74.118:443 | s.lunaweb.cloud | tcp |
| US | 8.8.8.8:53 | 95.79.37.54.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 118.74.95.141.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.212.234:443 | content-autofill.googleapis.com | tcp |
| DE | 141.95.74.118:443 | s.lunaweb.cloud | tcp |
| US | 8.8.8.8:53 | 234.212.58.216.in-addr.arpa | udp |
| GB | 216.58.212.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | google.com | udp |
| GB | 142.250.178.14:443 | google.com | tcp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 192.178.49.163:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | 14.178.250.142.in-addr.arpa | udp |
| US | 192.178.49.163:443 | beacons.gvt2.com | udp |
| US | 8.8.8.8:53 | 163.49.178.192.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 170.117.168.52.in-addr.arpa | udp |
Files
\??\pipe\crashpad_3104_CHBUZOCULMWZWONS
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 17edd9eca04635efe804315b8c46d839 |
| SHA1 | 236f7befc5f6fc2e9b977207399e5317f1db0c5b |
| SHA256 | 39cf694bf3b0adfc9715473af6392b477444754770e236f2ed9f4084807dd283 |
| SHA512 | 0a0b7134288b237b9e245a81c4ca42b9a102906e9cf9bf32aa562da5c47c49c7348f9007e40e566dd1010585180d0b7794d609a8410401ce7119c5de5156cb43 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 0690854c0c5cce5033b52bc352455efa |
| SHA1 | e11cbac061e437e40f2ac00032ad4b7bd462f2a7 |
| SHA256 | f46088852ea8a55f739f0687ae87e95e4a13bb8d453c94fbe0e62949401ba849 |
| SHA512 | f246eed0c979a994baf65eda28330b8e4c47baa59133fa9d25d1cce782c9619e9d0d858170d62c51bbe15ef8fa6373b99d14f69cf2ed790974d95a8febc6a9e5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a9f4bc92a69fdf2bf05127aedee396aa |
| SHA1 | e48a6c9e5391685e8fe37564e7ca42c4ddb11e52 |
| SHA256 | 05d51cd63d31751e939dad53da7a5620090b4f0bfc4063e23cf6f63c0d41886e |
| SHA512 | 404a733829914eb0dcafa0248e611bb77877209ee242c146f3ee3d0d9e4b1ae214f8872966ed4d4f1e31d660882b18189b7d866d84cd6308a19db17e70284822 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 543b4092ae9e987c76a97d5bd24ad319 |
| SHA1 | 8addbb560814df2068fb74c5d83ef2b0a6993139 |
| SHA256 | 79c28418f760adfbbad7189169f64f1ca47d689c1b0aa158ac4b2aa331b3b467 |
| SHA512 | 0142eb68cda9d8ebb93393071d0bea97d6ddf10dbcc7c7e7717dac2163b986650120ba1c8716b7a7cf86c0a5552fd2da44d7bddb8699b7a1dfe169e5e03d1594 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | d09cc872023e557dca3d052ac7bcf190 |
| SHA1 | d68f4204234eb9bab80857c89ac48e9fbc64f3c7 |
| SHA256 | 794dfddba25bbb9766e3ceaab4a08d733d31591e741f6128f20bcd80fda96c3d |
| SHA512 | 8a6e3fffdbe645e70e6c81a979e2efb799b01967c382963838caa771a0a9ec00c76ed2fa7e2c63753a64d440654edde661d3bfeb5b91f162a0aab86d90172973 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 17f7d23190f9833fdf9602d9c9324ba8 |
| SHA1 | 18610490008551e7dbd073fbb083383a3d795dbc |
| SHA256 | 1321e6b85bb6de5a6b70b3df95692a9002282f7d5e2245e0ece7407e9ed27a00 |
| SHA512 | f2d1d84a87c523945e5fc563d2b41710b5753919f1322276b2a71eeacddd7665cc3cf669f2996f7eacbafe747815402361608b54f46560ac1e602976e794e9a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | bcad883874369e2cbd56c884de6762ee |
| SHA1 | 3c87c3da9603995157bd0c9221ecf66df70dd61c |
| SHA256 | 2d713174dc42cdfc1723129e833cb34726ce2d2a1a5e73ba6ea65ed925e13671 |
| SHA512 | 819728100578d91752b6de1e9f271ba2d6e89d9d4bc29fef78e6a1a2fa89295a951661c86c6e1ff55af02cbb5f43955301f8a27ade3dd60013d42098685159fd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d904a25b9c63f257b8ddb24f78304aeb |
| SHA1 | bacbe182ca9499227e4ee2a0a0708d22f32c701a |
| SHA256 | cc346816447ea74a140a8e6ee2c1b88126d15f817780c3a67b57a2c9b252cf33 |
| SHA512 | 618d1d94b4abe6a1066c5aea129ae0e003f8028797260575afcc098a3d0a792db5808d91e8f7e846d034f60011e12e7d47e2af15cf31b0c197a0e139b57ed9ce |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\1eff44bd-af9b-4ecb-9e1f-62aad4629c75.tmp
| MD5 | bf613cf13245af1df2565b7a3dc56833 |
| SHA1 | 6f0d70aec309ff93e2bb2009387abf797bdbfe15 |
| SHA256 | 38583492390f126ad2e4893d6f751a17f30e875d59cdfe3ca65ab17dd789c850 |
| SHA512 | b30e7c9a0aac2871baf400c96c743ade0d51c0586cf048bd5de738e9c209ed8af6a4a516e112dcd3a2325a1421e1132e22a1559cc6e1e8c90650a12d939cb06c |
Analysis: behavioral1
Detonation Overview
Submitted
2024-05-31 15:47
Reported
2024-05-31 15:53
Platform
win7-20240221-en
Max time kernel
103s
Max time network
305s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | \??\c:\windows\installer\{ac76ba86-7ad7-1033-7b44-a90000000001}\pdffile_8.ico | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Uses Task Scheduler COM API
Uses Volume Shadow Copy WMI provider
Uses Volume Shadow Copy service COM API
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE "C:\Users\Admin\AppData\Local\Temp\Dominios SPAM.txt"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef7129758,0x7fef7129768,0x7fef7129778
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1156 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1520 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1420 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2260 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2268 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1676 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=1392 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3444 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3580 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3664 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4000 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3016 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1040 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2720 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=2496 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2744 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --pdf-renderer --disable-gpu-compositing --lang=en-US --js-flags=--jitless --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3660 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4212 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=3876 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3824 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=2736 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1040 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=2284 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=584 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1148 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4388 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4436 --field-trial-handle=1184,i,7582026313368908634,912460812575170062,131072 /prefetch:1
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| N/A | 224.0.0.251:5353 | | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| GB | 142.250.200.14:443 | apis.google.com | tcp |
| US | 8.8.8.8:53 | nam10.safelinks.protection.outlook.com | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| US | 104.47.58.28:443 | nam10.safelinks.protection.outlook.com | tcp |
| US | 104.47.58.28:443 | nam10.safelinks.protection.outlook.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | docdro.id | udp |
| DE | 54.37.79.95:443 | docdro.id | tcp |
| US | 8.8.8.8:53 | www.docdroid.com | udp |
| DE | 54.37.79.95:443 | www.docdroid.com | tcp |
| DE | 54.37.79.95:443 | www.docdroid.com | udp |
| US | 8.8.8.8:53 | s.lunaweb.cloud | udp |
| DE | 141.95.74.118:443 | s.lunaweb.cloud | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | tcp |
| DE | 141.95.74.118:443 | s.lunaweb.cloud | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | www.succoksa.com | udp |
| SA | 212.76.85.75:443 | www.succoksa.com | tcp |
| SA | 212.76.85.75:443 | www.succoksa.com | tcp |
| SA | 212.76.85.75:443 | www.succoksa.com | tcp |
| US | 8.8.8.8:53 | edocu.mudanrc.com | udp |
| US | 172.67.184.123:443 | edocu.mudanrc.com | tcp |
| US | 172.67.184.123:443 | edocu.mudanrc.com | tcp |
| US | 8.8.8.8:53 | code.jquery.com | udp |
| US | 8.8.8.8:53 | challenges.cloudflare.com | udp |
| US | 172.67.184.123:443 | edocu.mudanrc.com | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | udp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | a.nel.cloudflare.com | udp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | tcp |
| US | 35.190.80.1:443 | a.nel.cloudflare.com | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| US | 8.8.8.8:53 | id.google.com | udp |
| GB | 142.250.179.227:443 | id.google.com | tcp |
| GB | 216.58.212.202:443 | content-autofill.googleapis.com | udp |
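The Network table above mixes resolver lookups, Chrome's own Google traffic, a Safe Links redirect hop and a handful of third-party hosts. The script below is an added example, not part of the sandbox report, showing how an analyst would reduce such a table to pivotable indicators: drop DNS queries to the sandbox resolver and mDNS noise, group contacts by domain, separate hosts on an allowlist of first-party Google, Microsoft Safe Links, Cloudflare and jQuery CDN infrastructure from hosts that need review, list domains that share an IP, and note udp/443 rows (HTTP/3 over QUIC). The embedded rows are an excerpt copied from the table; the allowlist, the 8.8.8.8 resolver assumption and the "review" label are this example's own assumptions, not a verdict from the report.

```python
"""Triage a sandbox report's Network table into indicators worth pivoting on.

Added example, not part of the report. NETWORK_TABLE is an excerpt copied from the
report; ALLOWLIST_SUFFIXES and the resolver address are assumptions for illustration.
"""
import re
from collections import defaultdict

# Excerpt of the report's Network table. The mDNS row (224.0.0.251:5353) has no domain;
# some renderings of the report put its proto in the Domain column, handled in parse_rows.
NETWORK_TABLE = """\
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | nam10.safelinks.protection.outlook.com | udp |
| US | 104.47.58.28:443 | nam10.safelinks.protection.outlook.com | tcp |
| US | 8.8.8.8:53 | docdro.id | udp |
| DE | 54.37.79.95:443 | docdro.id | tcp |
| DE | 54.37.79.95:443 | www.docdroid.com | tcp |
| DE | 54.37.79.95:443 | www.docdroid.com | udp |
| DE | 141.95.74.118:443 | s.lunaweb.cloud | tcp |
| SA | 212.76.85.75:443 | www.succoksa.com | tcp |
| US | 172.67.184.123:443 | edocu.mudanrc.com | tcp |
| US | 172.67.184.123:443 | edocu.mudanrc.com | udp |
| US | 151.101.2.137:443 | code.jquery.com | tcp |
| US | 104.17.3.184:443 | challenges.cloudflare.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
"""

# Assumed allowlist of infrastructure Chrome and a Safe Links redirect touch on their own.
ALLOWLIST_SUFFIXES = (".google.com", ".googleapis.com", ".cloudflare.com",
                      "safelinks.protection.outlook.com", "code.jquery.com")

ROW = re.compile(r"^\|\s*([^|]*?)\s*\|\s*([^|]*?)\s*\|\s*([^|]*?)\s*\|\s*([^|]*?)\s*\|$")


def parse_rows(text):
    """Parse '| cc | ip:port | domain | proto |' rows into dicts; skips the header."""
    rows = []
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m or m.group(1) == "Country":
            continue
        cc, dst, c3, c4 = m.groups()
        if c3 in ("tcp", "udp") and not c4:   # shifted row: proto landed in Domain
            domain, proto = "", c3
        else:
            domain, proto = c3, c4
        ip, port = dst.rsplit(":", 1)
        rows.append({"cc": cc, "ip": ip, "port": int(port), "domain": domain, "proto": proto})
    return rows


def is_allowlisted(domain):
    return any(domain == s.lstrip(".") or domain.endswith(s) for s in ALLOWLIST_SUFFIXES)


def triage(rows, resolver="8.8.8.8"):
    """Group real contacts by domain and split them into allowlisted vs. needs-review."""
    contacts = defaultdict(set)
    for r in rows:
        if r["ip"] == resolver and r["port"] == 53:
            continue                      # DNS lookup, not a contact with the host
        if not r["domain"]:
            continue                      # mDNS / link-local noise
        contacts[r["domain"]].add((r["ip"], r["port"], r["proto"]))
    allowed = {d: sorted(c) for d, c in contacts.items() if is_allowlisted(d)}
    review = {d: sorted(c) for d, c in contacts.items() if not is_allowlisted(d)}
    return allowed, review


def shared_ips(rows):
    """IPs serving more than one domain: a cheap pivot between related hosts."""
    by_ip = defaultdict(set)
    for r in rows:
        if r["domain"] and r["port"] != 53:
            by_ip[r["ip"]].add(r["domain"])
    return {ip: sorted(d) for ip, d in by_ip.items() if len(d) > 1}


def quic_domains(rows):
    """udp/443 alongside tcp/443 is HTTP/3 (QUIC), not a second, separate service."""
    return sorted({r["domain"] for r in rows if r["port"] == 443 and r["proto"] == "udp"})


def hops_suggest_email(rows):
    """A Safe Links redirector hop suggests the URL was rewritten in e-mail (heuristic)."""
    return any(r["domain"].endswith("safelinks.protection.outlook.com") for r in rows)


if __name__ == "__main__":
    rows = parse_rows(NETWORK_TABLE)
    allowed, review = triage(rows)
    print("review:", review)
    print("shared IPs:", shared_ips(rows))
    print("QUIC:", quic_domains(rows), "| via e-mail?", hops_suggest_email(rows))
```

The allowlist is deliberately narrow: it removes Chrome's background traffic and the Safe Links hop so the analyst is left with the hosts the detonated link actually led to, and `shared_ips` shows that docdro.id and www.docdroid.com are the same host behind two names. "Needs review" means only that the domain is not on the assumed allowlist, not that the report judged it malicious; the report's verdict for this sample is likely benign.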
Files
\??\pipe\crashpad_2688_EKHZRMHQZICJHSYQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000007.dbtmp
| MD5 | 18e723571b00fb1694a3bad6c78e4054 |
| SHA1 | afcc0ef32d46fe59e0483f9a3c891d3034d12f32 |
| SHA256 | 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa |
| SHA512 | 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 33a6f207b7d1d7d4affd045b94c9bfc1 |
| SHA1 | 9fc8d54f11323ceb23b36afafb80ef79dd138a0b |
| SHA256 | 33ddf3c41f9b74dc160e6ff8319b55eb1fa8e929c2b30c4cb5dc12f616e0943c |
| SHA512 | 917e0427261d536e5cada7e66922a04b9c71260ee0f24e37089412f4e2731b7b22e1a741f5e6d92780127fe452c4657d1bf71523a5d96056c8495b030809fcc8 |
C:\Users\Admin\Downloads\56219gFDO.pdf
| MD5 | db1f910590626bdd372321f88ac9968e |
| SHA1 | d220013570f834afa084a8cb21a39115d41b5e57 |
| SHA256 | 9610beb5716bc03620bfb283d2f41bc0bc262f7af30ac477c8ecf559bda863e5 |
| SHA512 | d6e7b39e2dfba1ae61f31ef3334657a47cebbf6ed3863c33510c47bb87f7ec21c5aad6d7685cda35a641f2bb75f3b266c8e27fe20bf765c46b4b38b5bb6671b0 |
C:\Users\Admin\AppData\Local\Temp\CabEABE.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
C:\Users\Admin\AppData\Local\Temp\TarECA9.tmp
| MD5 | 4ea6026cf93ec6338144661bf1202cd1 |
| SHA1 | a1dec9044f750ad887935a01430bf49322fbdcb7 |
| SHA256 | 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8 |
| SHA512 | 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | 93d2abe3ec835bfe321a561f8bb9cccc |
| SHA1 | 039de6fe37572fe2df61e13f00cdd97c20906318 |
| SHA256 | 3654b01971885fbd36126c1070b123a1942011ce82bb1e0b44eb9fa882a71b40 |
| SHA512 | 4f44d09ba0a86afd285257d9ed8dd89fe7197ef06c66cc551b724b16d43caf4f31553736f6f941ffcb5b09fcd3388eb05c75ca5c98ab7164669ebbc1eaee7437 |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
| MD5 | d7767b08327368aee8c586dd3caff7d1 |
| SHA1 | 347f2c839ccd5d56d6b239a4e5213d5ee540c2c3 |
| SHA256 | 8ba2c374e1b8eae12df998e98f549f6030684a090d30bfccd351457a79fbf9bb |
| SHA512 | 210c13ca1a85ef9b3a05226b38d99a5c62713e0fd7791be39468a4c86d20b54b9852eab898722a476900c7a591619ba973347c35b8c51f04df9b28008dc85a65 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | df8d0ef556a0807115dadd6e1bb0bc45 |
| SHA1 | 1a36549f7194da8bb880dc512a0aa6765aa02cee |
| SHA256 | 3a48a44e2caa3753b514b92115740c82da2282797ae52114593edafcc3fb9c78 |
| SHA512 | f546c6097429658c7f43ff2e7a691fb54f73457fc479e6d4753c261a53b7b8484b55942d7117024aeba89091b3e2950c0503be566b576dc9afd22f424805ebca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 73e460a201e6375911fe2e157c66858d |
| SHA1 | 18a0def91b65ff0ad1b57a43bc46a5dc7ad8c3bd |
| SHA256 | a4ba4156b2db9a08c6af5a739d30797a554c382f45882f1baad4ad4b1093e91d |
| SHA512 | e063a7e3669623dcb33e782d2413a95a941570a6f168ce118519930c5fe6f0daec801e77fd07a0df4910b19bd32c02310996081e3a42f1b07fce21e52d40fdd2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 30da39cb90270f4761ecba713f614bf4 |
| SHA1 | 45d6e88cddd1aa32f117f00fbb1f641f12348581 |
| SHA256 | 5c8e6790f307a57068fdf1c104c1a67efd31a431c521ff0bca176476e10d4706 |
| SHA512 | 074988176f276167f8212db46e7015bd67a9e2dcba767fa605c96fdf1e5eef4b0fff9764529217468772c3f05200005765d0e212a94ee718f642ec0883f36dcc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0e0ec312-0f4b-4b34-97f6-05e85b726f71.tmp
| MD5 | 0fb6128d959435fa8ef45c9407702f17 |
| SHA1 | 83a278d12de17ee38b914d6fb79ac16009d349d0 |
| SHA256 | 5ab1a565684cfc56c37a667556c03793cbb50597721f7464eb5ae41f97278f66 |
| SHA512 | 8b1f372a69b30d7900f137c5e7bc4f4c7fbb730226853aa80d46e29e50bbb413d868e2df474ae3b272e68c1a62f9a756a8c8cd7b0f8552d5f88aec3a003be6e6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e1756ce5bd039ab3d0672d5669e0b333 |
| SHA1 | 88c4c0da216db1d412c929265b731859b1210f2e |
| SHA256 | 54262dfa4ade20685bc017118997fd46e4be92458e8e409a54da2659906b1be8 |
| SHA512 | 55a5483de28bfec5bd9ae731d0aa1514f57744cb9e31cfe77f2edd633b5245dfaba7a93dce4f0b01cef129008d510efbcaa7b39534b3e75e0a569dd40559a3a1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 93d85b318baf538d7261ad4eb88e10dc |
| SHA1 | f47f0f9b80b77cf136dcbcb3cdb3ecdd8b1c232c |
| SHA256 | 7a8fb6aa5bf567b9a5554a9a29965b592260e46cb4d5942bc2cc7703987e05fe |
| SHA512 | 681dbeaa70828ce339bc0eafc64a941da895bae8fbdbd04d407304b22b4026b42a641477318e4f97d8edb54118a369c08b57766f231b6070c0fe239197dd9bfb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 5ed2303def7a9476df64149ec664fdb1 |
| SHA1 | 72380bad033fdf063d37917ab611bd75f3dfbb23 |
| SHA256 | 88e955e9033ffef1631c490de2a78572f7ef9b65ca67e570e063df7e35c5525a |
| SHA512 | d3c8721104fe26496cd2c3be3f366aaf7cd81379b135edbc52021744292c6e094f5c786979a2316ba01d0d956e7359df2758ff63b6673559663dd56b8f5d57c5 |
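Most entries in the Files section are Chrome profile churn (Preferences, caches, Network Persistent State), CryptoAPI URL-cache files and temp files, and the crashpad named pipe carries the digests of zero bytes rather than of any content. The script below is an added example, not part of the report, showing how to parse this section, confirm which entries are empty-content digests by recomputing the empty-input MD5/SHA1/SHA256/SHA512 locally, classify paths by what produced them, and return only the artifact worth pulling for further analysis (the PDF under Downloads). The embedded entries are an excerpt copied from the Files section; the path classification rules are this example's own assumptions.

```python
"""Triage a sandbox report's Files section: find the artifact worth pulling and flag
entries whose digests are the empty-input digests.

Added example, not part of the report. FILES_TABLE is an excerpt copied from the
report's Files section; classify() encodes assumptions made here for illustration.
"""
import hashlib
import re

# Excerpt of the report's Files section (path line followed by its digest rows).
FILES_TABLE = r"""
\??\pipe\crashpad_2688_EKHZRMHQZICJHSYQ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 33a6f207b7d1d7d4affd045b94c9bfc1 |
| SHA1 | 9fc8d54f11323ceb23b36afafb80ef79dd138a0b |
| SHA256 | 33ddf3c41f9b74dc160e6ff8319b55eb1fa8e929c2b30c4cb5dc12f616e0943c |
| SHA512 | 917e0427261d536e5cada7e66922a04b9c71260ee0f24e37089412f4e2731b7b22e1a741f5e6d92780127fe452c4657d1bf71523a5d96056c8495b030809fcc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | f50f89a0a91564d0b8a211f8921aa7de |
| SHA1 | 112403a17dd69d5b9018b8cede023cb3b54eab7d |
| SHA256 | b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec |
| SHA512 | bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58 |
C:\Users\Admin\Downloads\56219gFDO.pdf
| MD5 | db1f910590626bdd372321f88ac9968e |
| SHA1 | d220013570f834afa084a8cb21a39115d41b5e57 |
| SHA256 | 9610beb5716bc03620bfb283d2f41bc0bc262f7af30ac477c8ecf559bda863e5 |
| SHA512 | d6e7b39e2dfba1ae61f31ef3334657a47cebbf6ed3863c33510c47bb87f7ec21c5aad6d7685cda35a641f2bb75f3b266c8e27fe20bf765c46b4b38b5bb6671b0 |
C:\Users\Admin\AppData\Local\Temp\CabEABE.tmp
| MD5 | ac05d27423a85adc1622c714f2cb6184 |
| SHA1 | b0fe2b1abddb97837ea0195be70ab2ff14d43198 |
| SHA256 | c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d |
| SHA512 | 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d |
C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015
| MD5 | 49aebf8cbd62d92ac215b2923fb1b9f5 |
| SHA1 | 1723be06719828dda65ad804298d0431f6aff976 |
| SHA256 | b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f |
| SHA512 | bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b |
"""

HASH_ROW = re.compile(r"^\|\s*(MD5|SHA1|SHA256|SHA512)\s*\|\s*([0-9a-f]+)\s*\|$")

# Digests of zero bytes, computed locally so the check does not rely on memorised constants.
EMPTY_DIGESTS = {
    "md5": hashlib.md5(b"").hexdigest(),
    "sha1": hashlib.sha1(b"").hexdigest(),
    "sha256": hashlib.sha256(b"").hexdigest(),
    "sha512": hashlib.sha512(b"").hexdigest(),
}


def parse_files(text):
    """Turn 'path line + four digest rows' blocks into dicts keyed by algorithm."""
    entries, current = [], None
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        m = HASH_ROW.match(line)
        if m and current is not None:
            current[m.group(1).lower()] = m.group(2)
        elif not line.startswith("|"):
            current = {"path": line}
            entries.append(current)
    return entries


def is_empty_content(entry):
    """True when every reported digest equals the digest of zero bytes."""
    return all(entry.get(alg) == digest for alg, digest in EMPTY_DIGESTS.items())


def classify(path):
    """Assumed buckets by what wrote the file; adjust for other sandboxes/browsers."""
    p = path.lower()
    if p.startswith("\\??\\pipe\\"):
        return "named-pipe"
    if "\\downloads\\" in p:
        return "download"
    if "\\google\\chrome\\user data\\" in p:
        return "browser-profile"
    if "\\cryptneturlcache\\" in p:
        return "crypto-url-cache"       # CryptoAPI CRL/OCSP/certificate fetch cache
    if "\\appdata\\local\\temp\\" in p:
        return "temp"
    return "other"


def summarize(entries):
    counts = {}
    for e in entries:
        bucket = classify(e["path"])
        counts[bucket] = counts.get(bucket, 0) + 1
    return counts


def artifacts_to_pull(entries):
    """Downloaded files with real content: the hashes to pivot on in other tooling."""
    return [e for e in entries
            if classify(e["path"]) == "download" and not is_empty_content(e)]


if __name__ == "__main__":
    entries = parse_files(FILES_TABLE)
    print(summarize(entries))
    for e in artifacts_to_pull(entries):
        print(e["path"], e["sha256"])
```

Recomputing the empty-input digests rather than hard-coding them is the point of `is_empty_content`: a sandbox that lists a pipe, socket or zero-length temp file will report exactly these values, and they should never be used as indicators. The duplicate paths in the section (Preferences, Network Persistent State, the CryptnetUrlCache MetaData file) are successive writes with different content, so the parser keeps each as its own entry.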