Malware Analysis Report

2025-01-06 09:01

Sample ID 240601-fbyxxsac4v
Target image (1).gif
SHA256 4d7dd9901d31ad20ae67708f32f2ac093325ec90eaccb2217bb6dc51b918196c
Tags
evasion trojan
score
8/10

Analysis Overview

score
8/10

SHA256

4d7dd9901d31ad20ae67708f32f2ac093325ec90eaccb2217bb6dc51b918196c

Threat Level: Likely malicious

The file image (1).gif was found to be: Likely malicious.

Malicious Activity Summary

evasion trojan

Downloads MZ/PE file

Checks computer location settings

Executes dropped EXE

Loads dropped DLL

Checks whether UAC is enabled

Enumerates physical storage devices

Checks processor information in registry

Modifies data under HKEY_USERS

Uses Task Scheduler COM API

Uses Volume Shadow Copy WMI provider

Enumerates system info in registry

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Uses Volume Shadow Copy service COM API

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-01 04:42

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-01 04:42

Reported

2024-06-01 05:13

Platform

win7-20240221-en

Max time kernel

1563s

Max time network

1565s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\image (1).gif

Signatures

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\tor-browser-windows-x86_64-portable-13.0.15.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Downloads\tor-browser-windows-x86_64-portable-13.0.15.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\CurrentPatchLevel C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f44471a0359723fa74489c55595fe6b30ee0000 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\FFlags = "1092616257" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Sort = 000000000000000000000000000000000100000030f125b7ef471a10a5f102608c9eebac0a00000001000000 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupView = "0" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\ColInfo = 00000000000000000000000000000000fddfdffd100000000000000000000000040000001800000030f125b7ef471a10a5f102608c9eebac0a0000001001000030f125b7ef471a10a5f102608c9eebac0e0000007800000030f125b7ef471a10a5f102608c9eebac040000007800000030f125b7ef471a10a5f102608c9eebac0c00000050000000 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 200000001a00eebbfe230000100090e24d373f126545916439c4925e467b00000000 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\NodeSlot = "1" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\SniffedFolderType = "Generic" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\Mode = "4" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByKey:PID = "0" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_Classes\Local Settings C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\IconSize = "16" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\GroupByDirection = "1" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = ffffffff C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{57807898-8C4F-4462-BB63-71042380B109}" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7} C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\ComDlg\{5C4F28B5-F869-4E84-8E60-F11DB97C5CC7}\LogicalViewMode = "1" C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2297530677-1229052932-2803917579-1000_CLASSES\Local Settings\Software\Microsoft\Windows\Shell C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2164 wrote to memory of 2172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2164 wrote to memory of 2484 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2164 wrote to memory of 2456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2164 wrote to memory of 2588 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Task Scheduler COM API

persistence

Uses Volume Shadow Copy WMI provider

ransomware

Uses Volume Shadow Copy service COM API

ransomware

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\image (1).gif

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef72a9758,0x7fef72a9768,0x7fef72a9778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1144 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1536 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2268 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2280 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1388 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2932 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3136 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=3304 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3772 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3860 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=2956 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2492 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=2740 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3752 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=1676 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4084 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4188 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4308 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4220 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2688 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=1720 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2540 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=2748 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2564 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=2604 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3400 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4596 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4724 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=4876 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5048 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=5188 --field-trial-handle=1184,i,10247771613656740946,16237432325516142825,131072 /prefetch:1

C:\Users\Admin\Downloads\tor-browser-windows-x86_64-portable-13.0.15.exe

"C:\Users\Admin\Downloads\tor-browser-windows-x86_64-portable-13.0.15.exe"

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe"

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe"

C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Tor\tor.exe" --defaults-torrc "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\torrc-defaults" -f "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\torrc" DataDirectory "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor" ClientOnionAuthDir "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\onion-auth" GeoIPFile "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\geoip" GeoIPv6File "C:\Users\Admin\Desktop\Tor Browser\Browser\TorBrowser\Data\Tor\geoip6" +__ControlPort 127.0.0.1:9151 HashedControlPassword 16:cde5d8aa63185b41601268f9ef51dbed0ce34508b8f34ffd1e4a18eead +__SocksPort "127.0.0.1:9150 ExtendedErrors IPv6Traffic PreferIPv6 KeepAliveIsolateSOCKSAuth" __OwningControllerProcess 3132 DisableNetwork 1

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.2.428534838\863941306" -childID 2 -isForBrowser -prefsHandle 1216 -prefMapHandle 1244 -prefsLen 20944 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {0ef811fa-76f1-4bfa-a89c-c748b4f417cb} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.3.1399092409\1224848393" -childID 3 -isForBrowser -prefsHandle 2576 -prefMapHandle 2596 -prefsLen 21021 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {2eec7017-a405-4a3f-9bae-6c20cc68cf84} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.4.885771432\1107634322" -parentBuildID 20240510150000 -prefsHandle 2416 -prefMapHandle 960 -prefsLen 21265 -prefMapSize 243824 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {2b8a3dc2-2954-4bc1-bf68-fda775974cdf} 3132 rdd

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.5.1542961139\1774293487" -childID 4 -isForBrowser -prefsHandle 2072 -prefMapHandle 2280 -prefsLen 21244 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {41ebd550-0426-4bff-bcab-359e5aae52c7} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.6.657830562\1114113332" -childID 5 -isForBrowser -prefsHandle 2244 -prefMapHandle 2884 -prefsLen 21244 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {aed4c138-b4b6-4839-8250-03c0de7b3282} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.7.692759930\576306404" -childID 6 -isForBrowser -prefsHandle 3168 -prefMapHandle 3176 -prefsLen 22422 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {aa6afc17-5b28-4f25-910a-486b91bb9d53} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.8.1034964504\42927514" -childID 7 -isForBrowser -prefsHandle 3436 -prefMapHandle 1572 -prefsLen 23049 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {0fda7435-d287-4ddb-8ab9-d72079cbcaf2} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.9.871914504\343474692" -childID 8 -isForBrowser -prefsHandle 3536 -prefMapHandle 3784 -prefsLen 23086 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {e8888cfb-bc62-4f3a-9631-d6ccecf8f7f6} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.10.843032065\1219291870" -childID 9 -isForBrowser -prefsHandle 3960 -prefMapHandle 3976 -prefsLen 23086 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {75f6c78d-2b2f-459c-ae25-45dbab4ed8f0} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.11.2048110370\69647251" -childID 10 -isForBrowser -prefsHandle 8072 -prefMapHandle 8076 -prefsLen 23086 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {a60b981c-7236-4f79-8015-bf81484f952b} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.12.827991934\690559815" -childID 11 -isForBrowser -prefsHandle 3080 -prefMapHandle 3092 -prefsLen 23086 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {df4c6528-964d-4735-90fe-9cf8698117fc} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.13.810141051\330762300" -childID 12 -isForBrowser -prefsHandle 8076 -prefMapHandle 7928 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {6da60e38-0c5f-406a-a373-4763631881e9} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.14.271508958\703860733" -childID 13 -isForBrowser -prefsHandle 3320 -prefMapHandle 3664 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {af805c4b-e7bd-48e1-bc8e-950f65dbd883} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.15.619935583\1002436497" -childID 14 -isForBrowser -prefsHandle 3164 -prefMapHandle 3600 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {6454e4a2-c00a-49e6-92f0-d1edf5144604} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.16.1670187087\1053868212" -parentBuildID 20240510150000 -sandboxingKind 1 -prefsHandle 8068 -prefMapHandle 4276 -prefsLen 25585 -prefMapSize 243824 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {d73416cb-b2a3-4baa-b75e-b804ce26c9bc} 3132 utility

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.17.170027359\1681687431" -childID 15 -isForBrowser -prefsHandle 7268 -prefMapHandle 3040 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {ec80c07f-fe75-4a9a-8e87-ce0568203624} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.18.1388003830\1467930642" -childID 16 -isForBrowser -prefsHandle 8120 -prefMapHandle 3956 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {6ee208a8-c3ad-481f-ae8b-ef24c0394f6e} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.19.1511535231\1903838082" -childID 17 -isForBrowser -prefsHandle 2912 -prefMapHandle 3520 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {87b6c2ad-0012-4a88-877b-8d3c149167f4} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.20.1266029285\1492463985" -childID 18 -isForBrowser -prefsHandle 3540 -prefMapHandle 3664 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {1db35da0-848b-4a53-b1c1-c0c20962531a} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.21.2012160304\1492994192" -childID 19 -isForBrowser -prefsHandle 3908 -prefMapHandle 1312 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {e95734c7-baca-4d5e-b183-80bb56c9e247} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.22.1669928155\60624139" -childID 20 -isForBrowser -prefsHandle 7380 -prefMapHandle 3248 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {5f0ff2fa-e25c-4cb7-b33b-fed8ca5721b7} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.23.1481511880\1585650797" -childID 21 -isForBrowser -prefsHandle 3848 -prefMapHandle 7876 -prefsLen 23619 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {4128af02-e021-4ad5-92be-99393374f223} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.24.735751692\1625198921" -childID 22 -isForBrowser -prefsHandle 1468 -prefMapHandle 7976 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {acbadc88-9db5-4c71-a063-28b885525f3b} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.25.458718084\789317729" -childID 23 -isForBrowser -prefsHandle 4080 -prefMapHandle 3636 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {d690a62d-1fa2-4dbb-85bf-fd27c6756748} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.26.871572332\1599051902" -childID 24 -isForBrowser -prefsHandle 7472 -prefMapHandle 3548 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {ef307eb2-ca79-485b-9d7b-fc53e41ad620} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.27.603664030\1974414838" -childID 25 -isForBrowser -prefsHandle 2276 -prefMapHandle 7660 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {70a31998-af96-407f-8e32-f3dba1aa9f99} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.28.21081376\1750547937" -childID 26 -isForBrowser -prefsHandle 7092 -prefMapHandle 7228 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {78b19fd0-ebe1-4b9a-95d2-e5667eead7fd} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.29.891328160\1164059244" -childID 27 -isForBrowser -prefsHandle 7992 -prefMapHandle 2948 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {9406f638-117c-4e73-be7b-33b2837c80f0} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.30.1774250043\1030613255" -childID 28 -isForBrowser -prefsHandle 8088 -prefMapHandle 7352 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {976149bf-632f-472b-bf15-983244c84315} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.31.868555449\1680985371" -childID 29 -isForBrowser -prefsHandle 8084 -prefMapHandle 3644 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {8cd2f22f-fee1-40ec-a19f-7f7e727080f1} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.32.619003964\1553007518" -childID 30 -isForBrowser -prefsHandle 4188 -prefMapHandle 7524 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {72a2fec6-9b9d-4b40-a4aa-bd14e2d049d0} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.33.262510533\468287" -childID 31 -isForBrowser -prefsHandle 3692 -prefMapHandle 3116 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {d2121ad4-9634-4141-80b4-c97105817d89} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.34.319520740\1326613127" -childID 32 -isForBrowser -prefsHandle 7932 -prefMapHandle 3816 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {e5d5458f-3f35-4c83-b31b-b963e2b78a44} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.35.1875395227\717218818" -childID 33 -isForBrowser -prefsHandle 8120 -prefMapHandle 3736 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {fd5f52e4-4666-4276-bfca-bb3301583277} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.36.697409302\57498415" -childID 34 -isForBrowser -prefsHandle 3892 -prefMapHandle 8124 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {41834969-f8c1-4488-ab51-034462e5b5fa} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.37.708598606\110961081" -childID 35 -isForBrowser -prefsHandle 7144 -prefMapHandle 4172 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {62340aa5-0a64-4a47-ba48-20d06831b24a} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.38.2093307493\1419632303" -childID 36 -isForBrowser -prefsHandle 4188 -prefMapHandle 7260 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {9b4b7874-47c3-46a2-a751-a5245a4c256f} 3132 tab

C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe

"C:\Users\Admin\Desktop\Tor Browser\Browser\firefox.exe" -contentproc --channel="3132.39.1199938246\1313435216" -childID 37 -isForBrowser -prefsHandle 3892 -prefMapHandle 3064 -prefsLen 23671 -prefMapSize 243824 -jsInitHandle 880 -jsInitLen 240916 -parentBuildID 20240510150000 -appDir "C:\Users\Admin\Desktop\Tor Browser\Browser\browser" - {4d863e31-c2fc-45ef-8f0d-4c0ceae58594} 3132 tab

Network

Country Destination Domain Proto

Files

\??\pipe\crashpad_2164_CDRHCKNJTMMFUECD

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000007.dbtmp

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000006.dbtmp

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 de57b6282c3b100d837facdda9952bff
SHA1 329381302917b31fb6c08bd72f8c4a0acb26c78a
SHA256 d15952e24d190a08cc4c6907adf35e1e91f19f98ba2bb7eb674e879279018ce6
SHA512 07d51e946b604c08ee7ebaf2aa086fb5f3f321381e34de31ab5330633a84f24b138362364ccfcf303b8fabafde0d347fe6170819b472780145d33f02ca966e05

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f7b84aee7b8d7f3845fccfad2fa4dd1a
SHA1 7ebce18a2d8597a5f898498160193997d9b07252
SHA256 eeaa2ced8031928a2188b8eb693a045941eee5f557ca261951fe1f9881b0af56
SHA512 292f42b26ae75f8d36047fecd065d0c88ace9ea222c6e3d88323884981d0b3a00499d761fd86e6c1c92b0fc6b3454d3fe74c0a93a3852bf075ab220fa7414ba4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT~RFf7667b8.TMP

MD5 46295cac801e5d4857d09837238a6394
SHA1 44e0fa1b517dbf802b18faf0785eeea6ac51594b
SHA256 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443
SHA512 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f3e15af5fa5556cc0bfa794bfbe43a94
SHA1 aa098990cb9c96f0d40143a1185b6bcf27b45793
SHA256 e18d1248312c0f95bcdb781ccd09a8f88e1917ca9122fb70780e2fc253e86ada
SHA512 32d0dbbe1be979c58405b354976a41e3d1bd3b404adecd2544a33f68e6a115f80aadd9f30ba336ee6605caf6b80dbeb1d25e7e994a614e2bf85ee632bbe5b6a3

C:\Users\Admin\AppData\Local\Temp\CabAA84.tmp

MD5 ac05d27423a85adc1622c714f2cb6184
SHA1 b0fe2b1abddb97837ea0195be70ab2ff14d43198
SHA256 c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d
SHA512 6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\94308059B57B3142E455B38A6EB92015

MD5 49aebf8cbd62d92ac215b2923fb1b9f5
SHA1 1723be06719828dda65ad804298d0431f6aff976
SHA256 b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f
SHA512 bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

C:\Users\Admin\AppData\Local\Temp\TarAC01.tmp

MD5 4ea6026cf93ec6338144661bf1202cd1
SHA1 a1dec9044f750ad887935a01430bf49322fbdcb7
SHA256 8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8
SHA512 6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 062ae5b122c441430e61ee5129f13218
SHA1 43dc4546a0ad1c9817db7d322e9c67996fbad4e8
SHA256 d1a38f56285f228f00d6c9323b4a0bf8bf22a1d0edd64dd818ddc8e6832191ff
SHA512 99296c69765e411230d6d26ea4fe7fac13280421acacdaa4b865e3d2e852b2c5173f3b5c15336a1dbd40bcbb38c20b3e67e230bf98a6540fac3e7924bad965dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9465915ff0803e6a60f95114ec4afe3e
SHA1 a2bc31a2eefe506354a7814adc97d225725c78a3
SHA256 384519605a13d3bf6ecc51286be1a3536623ef8134d7ccdc207b0dfd022b95d3
SHA512 321bae8ccabfb85f736565afb0772b8c0fcd70624abb1deba0b53d233b81b37e7bfe5321c5620cf11a5cc78ddddc31b871e5f977daf4439bf176390c099bc7ec

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e2471c04a39f7607a2b9fe7f23cda4c0
SHA1 730984a43c5cf4e94340c9704816a650c415a1e2
SHA256 70d6ce435cc1d9566a15af0e44a51f596f5ac4c4cffca4dd634651e20684efdb
SHA512 68018a6f9a96a1d8ed2f92334c96ca93080f82132af904801ca5d56a156fa87180bbef0b2c9a4af00f2aa267714d9b34f63a2cd4fa3d4a517385ee0d83a6c469

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 197b4b97a3755ddfbe96beed5468e450
SHA1 1e4a031734bbfbfe1ebb37c1999d2b5e41bee8f5
SHA256 c6e5e11c46cd1eeedf04ae5d7c8418f46a8ba3d71e2ed21e6f231f19be1e4071
SHA512 062681d7cfd5f9fcb46ce4b46c8d42ef2a69e0c075e553d17af241a92c11fbd44afa4b784720011e484929145e8e7c43171095549b46f4090a2eb526aba45259

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 d2c10f91af9ffe1b4ddd6d07583c589b
SHA1 87354b12c87fd1bea2a694fdcbd6a7187394199c
SHA256 f81c8e213083e603dd6cc0ac6f08c1b28438945d5841cf2d8d2820e320c99013
SHA512 3016e513a7f4605b0dd0cb2701fcc9e17296fd35ba59556936e210018029001d461d8c6ef566ec1e2933735efac3bb75f96865cc1f80bc55bc458d980045da3d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\070E0202839D9D67350CD2613E78E416

MD5 96c37170b6263e27955246c73dcf8402
SHA1 ab17fcba6f72a7e1ec6148f6143c01236b03d19a
SHA256 23696e7d51b6560fedc189d154dfaf79bfe6bf79df68d650f0238a73f3fb558a
SHA512 7ae3826df2ee8346a0c49fe19ea102b7720650a674a141c1495c47d7a002e5a435893618252388d4410c53939d56f0d44254eb8c2a5e97e94b48604870a80628

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\070E0202839D9D67350CD2613E78E416

MD5 55540a230bdab55187a841cfe1aa1545
SHA1 363e4734f757bdeb89868efe94907774a327695e
SHA256 d73494e3446b02167573b3cde3ae1c8584ac26e15e45ac3ec0326708425d90fb
SHA512 c899cb1d31d3214fd9dc8626a55e40580d3b2224bf34310c2abd85d0f63e2dedaeae57832f048c2f500cb2cbf83683fcb14139af3f0b5251606076cdb4689c54

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e35c83e93e2e07f8c82b691698de2b10
SHA1 ae7393fc8d877b2fb89ecf2c167cdcae9dc3aa8d
SHA256 570edd9989c11a45b10291ee60dc7bf9698f96c23b3c170024c41cb12e48535b
SHA512 b835514618360cf649dbc999e154a757f95fe972d041feadcb206d958b7be76ceb828f8e0b390af1d2d6c30da70461c942331a5def8a5deb76a2524af58296ef

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 149dffb45d93e40044646010921c776e
SHA1 a329601b9be2333feb3b7b47ea272e0eb63cbb77
SHA256 b4dfff420c13fd15a2ce1e41250c658ebc88bf70eb1d6de23109555b9e2f8c56
SHA512 23ae09b76e30359dbfc181dc7ab80d57bb66d7746979933d4134cd4ce2d7efa55533e5588a557cef47be18a98bb8af670fede595383bfbb7bef0ebbcb85fba8c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 18d36aa583905786ce7c2c0f7b4477d8
SHA1 4ce859beaabe82b8f40bdacd8fdf59dfd29aa501
SHA256 e83c7e1129055506517d0dd1b65b031b74680fedbad86a44e63e0618d860a9b3
SHA512 d0afdad11b2f78449077ee76ccd687e6b0a6fc3420e621f857925c58d83216b4b5000a3644e09327e085213b513c4977dc3b2eb255b9f66b3c84e959b3aba44a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 aa9a2ff41b29f42617a219b9268d4d4e
SHA1 eda1dda419cbdfc8e5c2df27ebc4e8d9ea79f2f0
SHA256 3e63ec6dda9177aad367214846282ab448cd0f818a8ef428cb2a4b4c9f4ae126
SHA512 66fd6c3e17dc30f153194ceed0d303266b919d37e62febeddeb759547b6807104db498e983b4a8f4a83fc0fa407aeea4ff07f71413bfd3278fe6f7329438890a

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 b044852f482bdc49a5c9440f4f139ea4
SHA1 500b13cce900ca55214ffe2c359f332a573bb34d
SHA256 5962df1551b6783f1076a0622a1f1ed848487850fcd654c8cc665ead16669fbf
SHA512 121b0bdaa4aa4001bf2d5f8cbecce6bf728c746e188d541d14c36cc8176a4ebd5af61ae502516de359589890d9a1000a543b6e9596bc2cb19078f7683e31b1eb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 25b92ac998c43df4a5b74002e343a1b6
SHA1 7f19e07e397ab5a0933097519c7bca072398a105
SHA256 ce6a72625b7e83fd0a0ccd5ef41c378e794f73d3cb75aef6464cdd9a31ac6481
SHA512 efde5b2f2ef7e5affb3b8748625edde09200ef98c8dda7e41ea8d30504fa871ec9dfe2b4d761a33fd5fbeeaec2368541f0c2b4f6c3aa5317ac91c57fec6ad17a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4b28049a250973215b0d813c0c29b937
SHA1 794ac1c894b4ce9e5107ad252aff13f33dab4569
SHA256 e552b214a6939579c43937da13edc56f1c225958b9e715933199c06238d3679b
SHA512 4e027133e7e5b4d5a7ca7a7ba40ef9896b8439c3335d5c5306270c607ce65746e817bc8d4d7d7624a66f4cde38531b7efd94abce488d32a6f5f33b5338033207

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f51cce6f065fbcbadb7d9b177e07a171
SHA1 dbc34fd11329208156f89a934747dfde3f9de3f3
SHA256 5418a9dfb4e0dcf77239456a26d68a57d803ba322df60de153354e57941cd9d6
SHA512 0f82b7473f0a441aba034fe7738aca53665b8078cdf0b36874923cec1afc1e96cf562b2ff0aa0c32109af169635478f0d2e1a29275c1447f51b5d6d731180790

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 c356a0c771a0209d3482777edfc10768
SHA1 1ff2d992af8a6f19c30ecbe8f3591f26fe1cab08
SHA256 32381f4549d36fa4583e599adc04056a4da80a6067c6805b7081c3f3f54a27ad
SHA512 561084baf8d65579ead79e79c2c3920ef987384d52ecc11a2689aff95c54a6b823a0c4a8e5b910e60e569450e36563f53adb5796f261f13bbeea59130b81fe3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 af3899196275dae45500fc7671ba1a97
SHA1 8baed8b4951ae14677fa093e56d5540f6d989372
SHA256 7413bc9ead0d8ece381038166e278e2554908209d8a084e961fc18eab8ee6c7e
SHA512 32a8c08b55013ebdc62eb9b1cfcaf54a8ce7ef7ab3dd208a30a3cd1f6281cafc7d667e0c19ffe6dfbea8be5cf53df9509ed0c34337d8bfbad0723aa620542d3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 903f3e2a85e0df01a858957b93c76257
SHA1 23195bcaa574386b0578b8e91dab0d0819fdb8e9
SHA256 9f64fa2c03388940f5b449bf844e492a26649c49847d9b9798ae52b88ab0c663
SHA512 cb2e9d4c3f4dde6f6eba556c16dcdbba442734148e017073938033be128799f7d22240db0b3855997ee9536133cfd89b1a436d7fb9c0c66f9db8aa140f7d7c94

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 11bf14471b2ad6e950972922bb39e1cb
SHA1 13297b5ff556e9ee728ae4fc492de87689d05832
SHA256 b452b17dc3773900d274e31ef639928e2c7e2a7388680fbc7859c7c4914031a2
SHA512 135522ba1f07ce4b3db82b2551bc0de54f69ab17ff764bdde360c965aaa40263339183e6a8f1c60a950a9dae77eadf6d5e958c76c76d2d574742e00195769024

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 dea780ca2f4aeed547d03e3615e6f6f0
SHA1 e2b74ef74671550b7126dd93894fc003be698e93
SHA256 2b07e9cadef6991bc9a3489de3766578f5a7a39bca936d89b20257b52cf39924
SHA512 b3861c7c578fd78b55df080dabf9d2917e9bfe865752592e625d9c217c9f6a760e56a47ea1ccee63fd843078d487e1cb789aed13a9d74a31bd5e7d34b30696fa

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e6f8c1e3f525f04307d84c983843557b
SHA1 e05a7f5ac06be716b2b49c53d690e7bd93f231ab
SHA256 1a3001b494d3b15ea0c135e3e0913bce7898237cc5c6ae91f8e3fddcce374095
SHA512 ac47de43ba08631b0e72d88c7d4efa1f4d6abb16869707ff2e9653c12fd7ee450d26b6a89ab97bc155a8de46a9d0d71b9e75f9cddea2b799dcbe02c5263ea461

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 e539ae3e319768b49f61d8b574414037
SHA1 b911ffa06f3bdf408635412918b1afcecbde573b
SHA256 fe2204895236c185625094bc76321af94b2ab51973d2f35f2c0d18fb59e136d2
SHA512 9e26778823843e9c205454afab6b7609050b7601a9f17ffe3aebd18324556a3805eebea21e0a2237e87f3b2426dff25e2ecfd0264f25c7030a4c7b88e1c6b574

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 de7ffaee566642ac1f3099b3b0b95b1d
SHA1 5da1ab245b1e4c38c9ea42ce1c51235b626f8c28
SHA256 2fab7166a045e375d66d9966cb4a89e0ca290e4bfe56f52f2ca719d656efe0a1
SHA512 966040c2b7b7caaa6cfb15ff1a9437789e6cd867395e974d376493dcbab0421fb41121298331fbd8ba7488acbafc0cd87a748f2a325808ca8dd209d36e43d0ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\Origins\000002.dbtmp

MD5 206702161f94c5cd39fadd03f4014d98
SHA1 bd8bfc144fb5326d21bd1531523d9fb50e1b600a
SHA256 1005a525006f148c86efcbfb36c6eac091b311532448010f70f7de9a68007167
SHA512 0af09f26941b11991c750d1a2b525c39a8970900e98cba96fd1b55dbf93fee79e18b8aab258f48b4f7bda40d059629bc7770d84371235cdb1352a4f17f80e145

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 9d876b48a421e682587dae5f729c4e5f
SHA1 2d970c39664e8cb85fad173619b97ceeb23b8dd2
SHA256 856cf4e02ae75534654ca67b365eae70fad0a88e0096a88b2ef381a7c449fcee
SHA512 d91ea18505b9f57be3317a03428931a0cfc826adabca672fc4ef4da71ccbab46fab1ab5e853521cc6eecd9ca96b56c43513e0c50ad30674ef89af9f7348de29e

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 fdbca89312b0c4a3d851220fb64dc5e0
SHA1 905c2e1d911c1a437ccf750f9cd1295ed22022f9
SHA256 52f8b7a2dee9575f4020179f3ef99e33823d8c1b7e1c0fdcf13abd0a011642ec
SHA512 b626b84e628f7ccd3465a68aacb9d839a88387aad5d5a4d43e995dc032fc5eed7e4822b4d799a6c51e83313aec13062131de24816e41c4e8a7d85aee4951ab6d

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 87443ad56bbd7ea29966029a42d57e5d
SHA1 f1b6f88f9f32e1ff04e19afc41a58c464aed06e5
SHA256 84a20d67d03f814e68f7e1fbf50dd73d95976a7e1adc8bc2d4b8ba5bff3d2e62
SHA512 271e7623d029cdcd59fe7cb21e957f27c8cc31d432b9ebed3f8e8b41e00978523bf62a6446f843b91d408c8093656fb612a01b01fbc10b661335576031cad5e2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 1d4121086404ec4d509e4e8184f7d14a
SHA1 0359c6ab5944df5dcce423a05599a3444da0d37d
SHA256 d39c9e05bf12764aff167ab2735fd02422bb4041f9c735fa6af877105165d6eb
SHA512 4e95a35107030bdd932ebe783c9c7d58d1cebb0cff1b2d42f47272ed026ac138a6423842b1fb8a41417cc02665da1d6239b838e57664f4bc5f10a28c32f43c22

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 53f0cd33a3904c6b8f21261f8ee36a35
SHA1 71d42f0c0345ace417a016dc9e8fa0e9327da7c5
SHA256 c801070811254592a9abb381a015736d82b4758a02676bab5f3773968825aca5
SHA512 e850ab0e8050ab471f9a700d96d50863a2fbd02c5d39cd234e712bb28757f07ca7eee5bfa7bb5dd3ebfecfb99c977c0dcda0ba4674af23ed572471ba9d4db95f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09a3d2bacf41567dd8de636f72806694
SHA1 7b29389ac4f5c041480ab149ff1da521d869d4ca
SHA256 24b411607fd25985bfeaa2576ab9c8e4a1f3d9e650a84b0380767cd9a51fd9c4
SHA512 12ecc7ed7b676576ab852e4d6ee846fe3edc3c5cc80852294f8fb0d58be96ac5ee033ed39351cb4573b0bd7b66249ca6673521ce3801fab43aefd068b3811337

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7993fb5700962a43e570d09686b45454
SHA1 990f0fdb4b151b2cb7fe7f61ece982a5b1f83587
SHA256 9fe358119f06d082ad420978e1e23cb3d34d035372ba2a93c135ee92444dc000
SHA512 dfab6c3cc8d0b369c8d667ac49d9710faae517eb806a97e174b9ae93ab99cea41a4bcb7c93ead884a7920bbec13a79ea64ff4fd545d70d6309047d4eec9d1b92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 65397d67eaa6966616186b7ff344a9a3
SHA1 91f0e769a4b4cf57beaae867cb6510bf72f07212
SHA256 54696aab4e5cf735796a3c34600f9521dcd1b751b543a88fa8a1f2ed0b767800
SHA512 59a3ffdb30bf045efaff953f9874e0c47779736eed8f05c2a1754c756dde764670825a43535397abf5f6e74e8239a2877a463770039196ac092de3bfd4903af2

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 a578d69c28140b867cdf598e36aae4ba
SHA1 38a5c8a931c982cb3c066ba9432100341137c838
SHA256 fc605524da04f84a75d3253166600dab570e462ea6e41216242d3e1fd4ecbac7
SHA512 3c07fdda9c9795b291d5caa7348a7fb40f816101da188597c98001d6da0cdb4ed75576890078a558b739cd3fd393faaeaeb18da94e3a18fc909efea8c8c7ee49

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 904676d89dc8a64a584eac5d95592fd2
SHA1 61ece26b8926aeda924b32c97eb4a903590b83b3
SHA256 909165bc4809c6ff13d616165ccda2c3783e3b00784004586258b814a215b46c
SHA512 412d24c4f2b3e904664c7735df5409edd9fabc618509ea84eae03c834fb9d7e625dda562c12ef33b86419422c0e89f46a56223751235df187fa9bcecf81efd24

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ffcebbdb168bde2a04a0d12cf788606f
SHA1 010b6631b9f549ae5d7acc215db4bcc167b95ba0
SHA256 84ad0f0eb8869d120860ecc76f0951697866bf84fac17263935936e391f780e7
SHA512 2891577573c9a4fd08566dc95b469db126fce5fcad6f7b11e4ee0fa0841f50fbd6fc352ed0e5c8d5aa53c60b6b736b752bb1049b95cef4ce5ab87464f908ad3f

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 0603f41094205375a12a7b7e8b533bd1
SHA1 9ea8b0240bdc0211eaf2565d8fee5cf1268b9fc8
SHA256 f33f3a9a87d6b65e1ef796b3d84e13b335f38a4bc2aff5592e717a00e26bf247
SHA512 3e6cacb762978fdad00cd04c7385a4ce58d71d8762eeb70618c75f53422be1c3c2e90bda8c243f176f1f972f58b3af6e04752b98e7ffc3846e2275afd4a2fd36

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 891805ad3890de83e8f3475ce1f365c8
SHA1 3fba3d5a7ded953e092e0f14d2a6877d9f745717
SHA256 c2b815a1addc60511855a2f5fa7f782651c78b8a4a42fe5f87eba97f3c273cb5
SHA512 6ccb5772b77f64b9468ccb70bf7e95edac2381364b5b750aaa9c28a1ca1e228ef5d4677c86121ac918fc3fe1a2e9b21f0c326c9a1fd7f8fd75b80ef0d8f0453c

C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015

MD5 f91a6e7c317dd0b6447ceed346f18bc2
SHA1 ebd9748542e9ea68f21bd88bc0edf75f891e9316
SHA256 d9273143ceab6114fdeb75a02eb05d80bba4f7d9c15609800b75e53faadc2a8d
SHA512 8ba44460510b1dc5b3879f5429e2111790dc13badb8cdf7f7d716418662778ded282756cffe32c0ec7e0f5fa114fdc0e931923fec2494f4e6434e4ed39d32f76

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d0d99c1a410bf35e34a3cd8845b4c0bc
SHA1 cf570abd3b2d0a426707bd228821081a31507b0e
SHA256 7ae9d3d96bb29696ae1cc58bf5e3d14be6f70f1dc00b93a9e7c220d379939b14
SHA512 3e66e518397ec86c9d79312bc9c38eff27c210031151a3e23ddfc706e18ecc4b88edcc8e367ef21e3957fb61f084919c5b029bfbd8bf4b8e6fdacbfa5c6bcb96

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 361f4a106a806fc8c31f4863223ae2fe
SHA1 b4ff815bc9f50a434810b21caf8ffadd2beab479
SHA256 e12d0b2558cd19529f4b10ea4262695dfbe9c4512f62f45f672293a67bef6113
SHA512 634e92f73c8e1dfd412e36b1ea2f0d2ba97425cef2a2176259e3ac362125b544e995303fbbca37e7f8b0d2a31db3bf318b209e8f1e033f7dc23d612d4ff18579

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 070808f5d254fbdacbfbc86d240cef09
SHA1 7cb92c283f7064cbde288aaf9b48952c263a97d6
SHA256 6ceb04518d3920ff6eea87cd7217d0c8c0339515550221adb4ca39c363f58559
SHA512 9a9ff7f20a7e0b9840a6e279fe7905dace5c3d05a05c2972edf3a79059b73ea9345c2ec76b3a2dd3fa67b9a10131581c3c0197daa15f5ea6facbd337b26fb0be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19f2eaa9500b720e549f246277280d74
SHA1 ec18988c67e1898e256114ab389c5a5105073947
SHA256 9b03561f606e112fc582af388fc2e33a4514c6f8550529ed98d84bf7a959c901
SHA512 fca0305fef6b75e9ecb04524cc94c07c263861d850ab6d6e2e27d4605a1542287c6c167b7a33171cce793b67991ea9f02f8ab7baa5ff18bb0f5703b663ca65b8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 19cfd10d61f87b9b8e7d44e0f861933c
SHA1 836abf6ad85fae0f7821a19291cb59125973065c
SHA256 6fdd2c26d358fd9444f65855cfc2e0157a05c4c499498026caa9640ebf87bdd0
SHA512 674a3a82a17d82a591996d58d7ee69bc30be4ca419f7b453f8c9db11f5889962fa1b85b1a59d4112f2abf8b30eb5b53de317aa3f54aef25050e3d3a93a3328b6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7eaeac94770388d2264bdd5975ac8529
SHA1 114f7cbcad2ab671a9b770dc77068b183ed3da5a
SHA256 aba9624c3491b66554d3d3ba95a3eba53697a403b5f452655162db39a620b4db
SHA512 3ddc6144a198a8b88cec25fc8bdab70d45471c1b9270b6fe150a8921ef930bdac0ea992b83c5a4140696a6e1b5b61eba716c77710a000fc59e1a9d2f49268abc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 06df5e337f7d9e0c8709e94c3b7fa1b6
SHA1 e414748359c7c711efa64e4b15c33cd2023b3676
SHA256 9236a9afaadaea09fc0bb50ad3cd4bd9e4b4a697a088b57082362fad4f06111a
SHA512 ee8b74ceb3ea711aba9859df3e501674aaf1bbe243f954f192819b1dddefc694154740792d400e22bf9cb15dcd881e1d0aa419f0ce4749cec1497f42c57b3ef6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 00730117aaee06fb53675303d30beac0
SHA1 08cff5bb3bcc85517b2be412181665ab5952f563
SHA256 163a256dac6bab11dbce45150aa78b17038503a1c741393e2bbb1c4a264ab47b
SHA512 3cfbfe856750d187658723dd019d1f8e4303afcd191b441809da252f45e1ad13331ee4082f50052116726d995da924cbf2001358aa99f2a72814495ec644c507

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b683aff089a35b0f_0

MD5 e561631de29322261744e90905e619ff
SHA1 e7ec44ff5b68af406a540005174d31a56fb5839b
SHA256 4dbd6065028918f510a5db6a714913409fc24282abf5d31eebb8d824374324f9
SHA512 63b26af6a5808d7f37fb7558c83872defa2c161e9bee57f0f5e0c70d8dd77f7f8299843471570ae3ff718dda16186c983364694139b92ddff3123f091d977e82

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3f53680f7630e8e8_0

MD5 151ad58362304f7d123ccb859b8b16c8
SHA1 04091f7f7b28a1bf2a23228686d9dca08ea64966
SHA256 309f0bc5bb4f75be8b3128f0c1d5409415e0d38a73928cfc3ced05c9ab2d171a
SHA512 8b7b2c6ee60c07137ee79727301307ce7ad00d13f982d2238d32753d608ffa6732ae2584e5067f990fc0bbb6fc9f72944e6c50c34f4d7074ba8b9f2b372f8b6b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 242afcff48bd1886909acc7217be4ea3
SHA1 83ebd226cf3dd97640966c6882b8d3372b9a2845
SHA256 7239db16e07f95ff3bee34c3af9269be58075f2f47cce34dea120cdeaaa9b51a
SHA512 a9842160564c3634298993a36772acf6f0647cdd8ad2ecc348bbaa442bb75caca1d3e6a74a22a8d6286040e6d32088f61ff463e8d6fc0ebe86daec67d655c55d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f07ffb837cf41f68cc08440efbcaa506
SHA1 fd4e2db175f944bfcc97fe9e27d286970b010e47
SHA256 2071cbb2f50d53b94b6fef5a0696a4440a920ba9797007b49c5affa2ab71adf4
SHA512 b0588776d514db3aee5c91621f9d673e8d22fd053ca76501b57efd48f249209afd40cad5fed8d2cf223b42ecd509cbe9f71962179639095fb31212808703e1a3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000da

MD5 9b9a962644ecc40380fc438e4d111ae0
SHA1 0d684b1352b4496af6a55b77f58568ec4b52a314
SHA256 9a292a1ad8f166c6c2c21c98b4b5f8f36fa16fb1f8d96afed827ff65db8b8b06
SHA512 5199a56ce358d6a9cebaad94077b60d45988f3a553e7505918197ee725d644d26017e72cfd8fa16dfaebee8713104fe8b2d2714f3619b9384f185e00d62ec7d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000db

MD5 f8f45720428b45cbcc2412bc186ff354
SHA1 683a49c0566ec5873b2cee1ba96b8ddc344f1e70
SHA256 1c6783766f05f5f4587c33f50a570a112087d0fc7ea28c92d384c255bf4d335e
SHA512 b0d0aa5f748eb415c1c14f01b91f897947666641c2b9dd4002ab38fdb664dbc39663d54beed1b09f3362009a668f4ce7dd2d6454f91998d4079e3285ff2ab60d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea8b74ad4851ffa51bbccc1f200a4f52
SHA1 6dcca5f1888cca92ec1944fb43f05e9de21ef170
SHA256 d737b6baa122f5cdcd4c63233e5496267f14b871b161f4f51fd1196789ea3c2a
SHA512 2122a623ff9848f11abbcd829509af3cdab2b940bcab529af6d270a7a1536052f36f8be535963cd8128c72c1fb586845d4909deccd224909ebea6dd947d70dd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 16ee981bcb68d693dada8134f37c75fa
SHA1 89ed793edf1a33f51993d4a5c7dcc5452b7fad6d
SHA256 5dbd103e2db880ddb89f78b1bace2fae68ebf2ef5daad34d07ae7752759de8b4
SHA512 edacfc25210ebd7bbcec32d2fbe94ddf9740b61e2c2163be5165905654432897418c3d21624717b4463744d9314f44517c8a611f50c4e61b6dbaf27a817b63f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f7c76d35ffc71b57_0

MD5 1f84a48b629c778d3b667fa26b75151c
SHA1 e51c2889d3e1f0af20750f81cf16fe10fa8d5763
SHA256 5764692b6a4f10b388b58542976f5ddfd727bd456052fc4a8553af35ca89f064
SHA512 c41027760e85b9ae8994025a7e3c9a09426e24060bdf81656db06656e61dd392e87ec5d9d885029109e1c6f3aa42c7a7c09ee6e526805ce30f56f83e9d714226

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 415965ca536a53235a8233d02ffffb81
SHA1 bf8d92a03adb2ba5d267dcb2505680c9eb3bb184
SHA256 b1530c13d773dece1e2b525c9b3e3d91a6bc343e227745a9394ff93d8d4c8493
SHA512 f6c69a49cc745d0869bc58a95ff1932f0b787ca9467d1a066beeeebe64f9c2cdbdc433cf5dc01f736b39cba69b7eaa098a5d6c595713bbda21f160f4f3e1490f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 892ae2ab94d65c76a347f74a988a4772
SHA1 2dfd24ca4f9983f473fd6b6da6580e5564ab0f6c
SHA256 1886a5a4d60a5224c6679a331e1e4cc5595c55350c4493a289ab2db334121a9d
SHA512 89695342961f13331f6a392f3195310d8e644cfe3b44c15f09dd61f776809ef2518592e2ab5564572a0d9ec417d4dc589f32c15012b4dc07ba00b47c8474c5d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 563ec199c9315a28c567564860e7cac8
SHA1 09c1ab8d7fa91b7eba9b74cebf6b0e36217a0b93
SHA256 db5cc9de0eeae84767fa80573feee0e1ba8cc2f84b60f724255df29cf90cb079
SHA512 744e8ee6cfb8246568f0d9a5a95fb0b4d75d3f14bd8ef8861a9086ea71d5bb0d9d5a32dbb605f5ec0335540c3db411740db5dabd659ec13c48403f5e6d80985e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3e2f6dc17f346aa984caa0831276da73
SHA1 59dcbddfff1dfc055cb3f127bbf0f2ec17725cb9
SHA256 4588cc327970430b877c66c93d657ecf09f8481fb4a3cf66adcecc476167437e
SHA512 0389f6abf6b5935d02da2841f007ae9608a8553db917c716ab6ac745e7d3e2517025a5db38d58d9d7a434ce70646e4f2171b8eb4ef01089ca214547e6be95466

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 af91d97b482fe66bd147a54db26687db
SHA1 3996966319401253537538194d1bdb6b71e2eaf7
SHA256 5d01476268aa731472b2fd2ec4b01447cb76f2f5fbf6a212df46f2a744cf7bd0
SHA512 f3ac76e18803f4013cc70f94e87c4a9a26b08438f1a45a74e664fc01f4380f46579d1329d80628325a6541d4412f9d8940c08fba37149d21afc9331fe128d893

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms~RFf796401.TMP

MD5 b184f9ca2d3ffd5da15e498b37c7f901
SHA1 2ae12c7057f28e12be6d8bd1808561e2456ef4e6
SHA256 8db613e0d7584029c4c33a544295e092a703ef9d2f2a216bd2e8c5001a14ef6d
SHA512 4b1dfbaba561dcbebd6d3f2adc9376b3aa27b4ffdd56100609c257c48810cab27ed9539c9956b6b40d00fddc440d43c1e6ce6132f34ab98901ddc59c2ea4e6bc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

MD5 33d2dcc9ccf87d6ed728ab0c46235369
SHA1 249e080a07601d8537b242546067229f49a4aca1
SHA256 a455f1cebb519dc1861af1646224fb2cff08843469c0f346d93efb6745615c4c
SHA512 754e230d5ed0a578559702f43312b2cb2b282676a95218ec3213efb566fed6ca02034bc6dc7ba124afee6f9b766a0680a8e51ea377b998eb2a10d0b7de67f7cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

MD5 aa12ea792026e66caab5841d4d0b9bab
SHA1 47beeba1239050999e8c98ded40f02ce82a78d3f
SHA256 65fe153a832452e97f5d484440a7047e314d3a83cb61ad2508fed48a820e1de1
SHA512 0b2b1bb8851c60c9d4ab1d039b990a4de5799c97c50b45f64e36a21849c14e785f69196f674ac225b1419d7f501338054074cab6203d041361a4fa1ed8802b27

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 af7a6b146e09eb02d0076f511ceecf0d
SHA1 200c592603a74340dc652fb6390a2b8f5cc4696e
SHA256 151cf05b9b598f6f20eec62828d5d37ac080e79e6da15879ed6592439b6ead02
SHA512 64ba63e6a663322904c07427d5d5c6c5a49ffa8df4463b0ff20a3a1477dbc40f979685f5396777dfdc49498433799986b0806dd6d62dcffdb66874165ab62b2d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 990a7c97d1b015d48d939cac53aea8e9
SHA1 8029b5ef4a695f00f7093ac0dd8121f93498cf93
SHA256 c3225335d3818523c28ee0728515dc969714de190a44b7979186864bd42ac543
SHA512 59893d823e74dcbd75155b812ba2061697d1252ab077e667c39b08582dc4bd5461bc4c8f9f813e1f199f8f30eaa789a9e0773dfebd49d8288ab11b6b0e58e94e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 260fa01946ba4f3a4cd165bb13cea011
SHA1 d9df3e01d1b697377520105bd73f0986042b0ccf
SHA256 d0050ef610626511d0959cdf10f869f42e810a53fc4edf20a24e69416258d402
SHA512 ef2dafa52d89f29e711af9df809773f7f8143dd5f36361f413ed0181a3462f91bb478efaa8f5336b9343f7709b019e83dc6cac8d1e993a2700217c1a91e5ce69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da3f3ec1091b57b45a72e58b8a21468d
SHA1 049e835d1b4361a8ba5c1558de0bf91eaa4501c1
SHA256 582b364d6a97f20f61596b9b3b3d856d1a92092abec6623a72a20fc9cf7b323d
SHA512 f69fef20da9ed979c8558aaa8c32e466867c8ee59edc6f84d7e585be77d2964686d0d914316da5ca60b20a3fd4a9486817e2d74a1938c9ad964254f6a9ae4b4c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 126511af30e010f8568f22e4fe5d2838
SHA1 76d8b70eb0125753220e6be3b3cc9f25f41ef82f
SHA256 95be49e8593e0e1f5634183f101a03ae55e49338a137c32516815ae66df67e3d
SHA512 232c43ae39e639eb272f073781ceb994a9510d12fd492a2895c1f43b3909e51818b70366611488389284777e8c53058ff46344f25df34901d483c5628158955f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a19d0ed5b6ed0b4650ed644b1af7d26f
SHA1 37a5d2ff7926f36af867a1d8805303a8cb48ded7
SHA256 17080084616166f111a0108c208b1511b1ad32275a8ab3d74ba1112bb628c4d3
Analysis: behavioral2

Detonation Overview

Submitted

2024-06-01 04:42

Reported

2024-06-01 05:13

Platform

win10v2004-20240508-en

Max time kernel

1800s

Max time network

1685s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\image (1).gif

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133616905992191451" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3304 wrote to memory of 1908 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3304 wrote to memory of 3348 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3304 wrote to memory of 1040 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3304 wrote to memory of 940 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument C:\Users\Admin\AppData\Local\Temp\image (1).gif

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff8a478ab58,0x7ff8a478ab68,0x7ff8a478ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1876 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2204 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2968 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1564 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4316 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=976 --field-trial-handle=1972,i,594338913665075144,1882831887466094096,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 104.219.191.52.in-addr.arpa udp
US 8.8.8.8:53 0.205.248.87.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 74.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 42.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
NL 23.62.61.97:443 www.bing.com tcp
US 8.8.8.8:53 97.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 240.221.184.93.in-addr.arpa udp
US 8.8.8.8:53 26.35.223.20.in-addr.arpa udp
US 8.8.8.8:53 13.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 204.79.197.200:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 122.10.44.20.in-addr.arpa udp

Files

\??\pipe\crashpad_3304_MHXHUQJHSSVKGGNZ


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
