Analysis Overview
SHA256
6b1da4e1d3f7d39a4375a37b118a6553b08f666bd8736d69a185b5fe7f29c1ce
Threat Level: Shows suspicious behavior
The file Lossless.Scaling.Build.13165770.rar was found to be: Shows suspicious behavior.
Malicious Activity Summary
Loads dropped DLL
Legitimate hosting services abused for malware hosting/C2
Enumerates physical storage devices
Unsigned PE
Detects Pyinstaller
Suspicious use of SendNotifyMessage
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Modifies registry class
Suspicious use of WriteProcessMemory
Modifies data under HKEY_USERS
Enumerates system info in registry
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
Suspicious use of AdjustPrivilegeToken
Suspicious use of SetWindowsHookEx
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-03 22:13
Signatures
Detects Pyinstaller
Unsigned PE
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-03 22:13
Reported
2024-06-03 22:22
Platform
win10v2004-20240426-en
Max time kernel
532s
Max time network
534s
Signatures
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Lossless.Scaling.Build.13165770\Lossless.Scaling.exe | N/A |
| N/A | N/A | C:\Lossless.Scaling.Build.13165770\Shaders\LS1.2_S3_2.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | camo.githubusercontent.com | N/A | N/A |
Detects Pyinstaller
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133619265221658103" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\Lossless.Scaling.Build.13165770.rar
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\7-Zip\7zG.exe
"C:\Program Files\7-Zip\7zG.exe" x -o"C:\Users\Admin\AppData\Local\Temp\" -an -ai#7zMap9642:142:7zEvent26981
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Lossless.Scaling.Build.13165770\Lossless.Scaling.exe
"C:\Lossless.Scaling.Build.13165770\Lossless.Scaling.exe"
C:\Lossless.Scaling.Build.13165770\Lossless.Scaling.exe
"C:\Lossless.Scaling.Build.13165770\Lossless.Scaling.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://www.youtube.com/channel/UCMsvzmiaTinASbUvDTSZ2Rw?sub_confirmation=1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x118,0x11c,0x120,0xf4,0x124,0x7ffa18b346f8,0x7ffa18b34708,0x7ffa18b34718
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2016 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2256 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2852 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3408 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3416 /prefetch:1
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4732 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4772 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=1984,5534384409494808408,7678754253900149473,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5248 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x494 0x468
C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
C:\Lossless.Scaling.Build.13165770\Shaders\LS1.2_S3_2.exe
C:\Lossless.Scaling.Build.13165770\Shaders\LS1.2_S3_2.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s CaptureService
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s CaptureService
Network
Files
\??\pipe\crashpad_4680_XOLYSRXTUMUSJPNQ
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\83779ac6-359f-4700-86c5-56342f4e6d7e.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\af88a4c4-e78d-422b-bfac-d1140a47ac68.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe58f8c3.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ae996dac-0324-4639-8725-5f358ed36f06.tmp
C:\Users\Admin\AppData\Local\Temp\Lossless.Scaling.Build.13165770\Lossless.Scaling.exe
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a106c.TMP
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\ef5d5120-6f55-4817-9cca-4ec045b72611.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\Downloads\Lossless.Scaling.exe_extracted.zip
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
C:\Users\Admin\AppData\Local\Temp\_MEI44602\ucrtbase.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\python311.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\VCRUNTIME140.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\libffi-8.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-util-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-timezone-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-sysinfo-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-synch-l1-2-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-synch-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-string-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-rtlsupport-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-profile-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-processthreads-l1-1-1.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-processthreads-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-processenvironment-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-namedpipe-l1-1-0.dll
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-memory-l1-1-0.dll
| MD5 | c4098d0e952519161f4fd4846ec2b7fc |
| SHA1 | 8138ca7eb3015fc617620f05530e4d939cafbd77 |
| SHA256 | 51b2103e0576b790d5f5fdacb42af5dac357f1fd37afbaaf4c462241c90694b4 |
| SHA512 | 95aa4c7071bc3e3fa4db80742f587a0b80a452415c816003e894d2582832cf6eac645a26408145245d4deabe71f00eccf6adb38867206bedd5aa0a6413d241f5 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-localization-l1-2-0.dll
| MD5 | 20ddf543a1abe7aee845de1ec1d3aa8e |
| SHA1 | 0eaf5de57369e1db7f275a2fffd2d2c9e5af65bf |
| SHA256 | d045a72c3e4d21165e9372f76b44ff116446c1e0c221d9cea3ab0a1134a310e8 |
| SHA512 | 96dd48df315a7eea280ca3da0965a937a649ee77a82a1049e3d09b234439f7d927d7fb749073d7af1b23dadb643978b70dcdadc6c503fe850b512b0c9c1c78dd |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-libraryloader-l1-1-0.dll
| MD5 | 8dfc224c610dd47c6ec95e80068b40c5 |
| SHA1 | 178356b790759dc9908835e567edfb67420fbaac |
| SHA256 | 7b8c7e09030df8cdc899b9162452105f8baeb03ca847e552a57f7c81197762f2 |
| SHA512 | fe5be81bfce4a0442dd1901721f36b1e2efcdcee1fdd31d7612ad5676e6c5ae5e23e9a96b2789cb42b7b26e813347f0c02614937c561016f1563f0887e69bbee |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-interlocked-l1-1-0.dll
| MD5 | 4f631924e3f102301dac36b514be7666 |
| SHA1 | b3740a0acdaf3fba60505a135b903e88acb48279 |
| SHA256 | e2406077621dce39984da779f4d436c534a31c5e863db1f65de5939d962157af |
| SHA512 | 56f9fb629675525cbe84a29d44105b9587a9359663085b62f3fbe3eea66451da829b1b6f888606bc79754b6b814ca4a1b215f04f301efe4db0d969187d6f76f1 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-heap-l1-1-0.dll
| MD5 | 6168023bdb7a9ddc69042beecadbe811 |
| SHA1 | 54ee35abae5173f7dc6dafc143ae329e79ec4b70 |
| SHA256 | 4ea8399debe9d3ae00559d82bc99e4e26f310934d3fd1d1f61177342cf526062 |
| SHA512 | f1016797f42403bb204d4b15d75d25091c5a0ab8389061420e1e126d2214190a08f02e2862a2ae564770397e677b5bcdd2779ab948e6a3e639aa77b94d0b3f6c |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-handle-l1-1-0.dll
| MD5 | d584c1e0f0a0b568fce0efd728255515 |
| SHA1 | 2e5ce6d4655c391f2b2f24fc207fdf0e6cd0cc2a |
| SHA256 | 3de40a35254e3e0e0c6db162155d5e79768a6664b33466bf603516f3743efb18 |
| SHA512 | c7d1489bf81e552c022493bb5a3cd95ccc81dbedaaa8fdc0048cacbd087913f90b366eeb4bf72bf4a56923541d978b80d7691d96dbbc845625f102c271072c42 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-file-l2-1-0.dll
| MD5 | bfffa7117fd9b1622c66d949bac3f1d7 |
| SHA1 | 402b7b8f8dcfd321b1d12fc85a1ee5137a5569b2 |
| SHA256 | 1ea267a2e6284f17dd548c6f2285e19f7edb15d6e737a55391140ce5cb95225e |
| SHA512 | b319cc7b436b1be165cdf6ffcab8a87fe29de78f7e0b14c8f562be160481fb5483289bd5956fdc1d8660da7a3f86d8eede35c6cc2b7c3d4c852decf4b2dcdb7f |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-file-l1-2-0.dll
| MD5 | bcb8b9f6606d4094270b6d9b2ed92139 |
| SHA1 | bd55e985db649eadcb444857beed397362a2ba7b |
| SHA256 | fa18d63a117153e2ace5400ed89b0806e96f0627d9db935906be9294a3038118 |
| SHA512 | 869b2b38fd528b033b3ec17a4144d818e42242b83d7be48e2e6da6992111758b302f48f52e0dd76becb526a90a2b040ce143c6d4f0e009a513017f06b9a8f2b9 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-file-l1-1-0.dll
| MD5 | ea00855213f278d9804105e5045e2882 |
| SHA1 | 07c6141e993b21c4aa27a6c2048ba0cff4a75793 |
| SHA256 | f2f74a801f05ab014d514f0f1d0b3da50396e6506196d8beccc484cd969621a6 |
| SHA512 | b23b78b7bd4138bb213b9a33120854249308bb2cf0d136676174c3d61852a0ac362271a24955939f04813cc228cd75b3e62210382a33444165c6e20b5e0a7f24 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-errorhandling-l1-1-0.dll
| MD5 | f1534c43c775d2cceb86f03df4a5657d |
| SHA1 | 9ed81e2ad243965e1090523b0c915e1d1d34b9e1 |
| SHA256 | 6e6bfdc656f0cf22fabba1a25a42b46120b1833d846f2008952fe39fe4e57ab2 |
| SHA512 | 62919d33c7225b7b7f97faf4a59791f417037704eb970cb1cb8c50610e6b2e86052480cdba771e4fad9d06454c955f83ddb4aea2a057725385460617b48f86a7 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-debug-l1-1-0.dll
| MD5 | 71f1d24c7659171eafef4774e5623113 |
| SHA1 | 8712556b19ed9f80b9d4b6687decfeb671ad3bfe |
| SHA256 | c45034620a5bb4a16e7dd0aff235cc695a5516a4194f4fec608b89eabd63eeef |
| SHA512 | 0a14c03365adb96a0ad539f8e8d8333c042668046cea63c0d11c75be0a228646ea5b3fbd6719c29580b8baaeb7a28dc027af3de10082c07e089cdda43d5c467a |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-datetime-l1-1-0.dll
| MD5 | c5e3e5df803c9a6d906f3859355298e1 |
| SHA1 | 0ecd85619ee5ce0a47ff840652a7c7ef33e73cf4 |
| SHA256 | 956773a969a6213f4685c21702b9ed5bd984e063cf8188acbb6d55b1d6ccbd4e |
| SHA512 | deedef8eaac9089f0004b6814862371b276fbcc8df45ba7f87324b2354710050d22382c601ef8b4e2c5a26c8318203e589aa4caf05eb2e80e9e8c87fd863dfc9 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\api-ms-win-core-console-l1-1-0.dll
| MD5 | 40ba4a99bf4911a3bca41f5e3412291f |
| SHA1 | c9a0e81eb698a419169d462bcd04d96eaa21d278 |
| SHA256 | af0e561bb3b2a13aa5ca9dfc9bc53c852bad85075261af6ef6825e19e71483a6 |
| SHA512 | f11b98ff588c2e8a88fdd61d267aa46dc5240d8e6e2bfeea174231eda3affc90b991ff9aae80f7cea412afc54092de5857159569496d47026f8833757c455c23 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\_ctypes.pyd
| MD5 | df6be515e183a0e4dbe9cdda17836664 |
| SHA1 | a5e8796189631c1aaca6b1c40bc5a23eb20b85db |
| SHA256 | af598ae52ddc6869f24d36a483b77988385a5bbbf4618b2e2630d89d10a107ee |
| SHA512 | b3f23530de7386cc4dcf6ad39141240e56d36322e3d4041e40d69d80dd529d1f8ef5f65b55cdca9641e378603b5252acfe5d50f39f0c6032fd4c307f73ef9253 |
C:\Users\Admin\AppData\Local\Temp\_MEI44602\base_library.zip
| MD5 | 9dc12ea9f7821873da74c772abb280f0 |
| SHA1 | 3f271c9f54bc7740b95eaa20debbd156ebd50760 |
| SHA256 | c5ec59385bfac2a0ac38abf1377360cd1fddd05c31f8a8b4e44252e0e63acb10 |
| SHA512 | a3175c170bbb28c199ab74ad3116e71f03f124d448bf0e9dd4afcacdc08a7a52284cf858cfd7e72d35bd1e68c6ba0c2a1a0025199aeb671777977ea53e1f2535 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | b2a1398f937474c51a48b347387ee36a |
| SHA1 | 922a8567f09e68a04233e84e5919043034635949 |
| SHA256 | 2dc0bf08246ddd5a32288c895d676017578d792349ca437b1b36e7b2f0ade6d6 |
| SHA512 | 4a660c0549f7a850e07d8d36dab33121af02a7bd7e9b2f0137930b4c8cd89b6c5630e408f882684e6935dcb0d5cb5e01a854950eeda252a4881458cafcc7ef7c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | 1ac52e2503cc26baee4322f02f5b8d9c |
| SHA1 | 38e0cee911f5f2a24888a64780ffdf6fa72207c8 |
| SHA256 | f65058c6f1a745b37a64d4c97a8e8ee940210273130cec97a67f568088b5d4d4 |
| SHA512 | 7670d606bc5197ecb7db3ddaecd6f74a80e6decae92b94e0e8145a7f463fa099058e89f9dfa1c45b9197c36e5e21994698186a2ec970bbdb0937fe28ca46a834 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 412338546a06129505c89339a383de3c |
| SHA1 | e9d57588831acc9d2204468540396ed560f6ddc9 |
| SHA256 | dc440a5619c81013dbca3c763bebcbe51637c5542744b41772590a1a17234de1 |
| SHA512 | 3842d72a7b250944a66afeb8d380fb63272576639b5966e69b0b8ee99141f0a8f22f53443b371dd991368c7d67858fb02be651af3701291763a2675b5f3a9dd5 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 36dd4b7e7347521e2581690210bf019a |
| SHA1 | d0109030a859f6c584fc82cb8d83190fd302126f |
| SHA256 | 11615d1fd6d4bc8385a7757b58dfce522711dabd140e539d55508ea5ff68d5d6 |
| SHA512 | 970b16059b9325a7f3579a91463237bf9c4fc680ba5c88718506e00708a67f54e5a71d0d4d32934261b7ffc9b809778640493219771431460bc233fb5976a4f2 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 67d57505a73ac371dd0a2c7a71307047 |
| SHA1 | 659c70ada415b0735767ac8d7d5139628a3a8a74 |
| SHA256 | 886bd6fc6cea77e83931a44947bc355e7d5751f2f05722f5830480fcfc409779 |
| SHA512 | 33d3f139d633a290e442f990e24e811c74a5a73d50eb6eddcffc4ed4ce256889cac60c79c204ab8bfee3fbf982d6e3e2e6e9b83166462e61c9ab35877572a335 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 4a45d42bbe9880733555a4a5849a2a0e |
| SHA1 | 40e3816ab7855692dee2912a9645fb2f3c9f3130 |
| SHA256 | 28db88481e07d87d510fcea5e306c7e5cf480c425c658da117ffbaca79fdb417 |
| SHA512 | d198f2fc2984c000dfd710c77623bd58865f1f32e10c06eec531d738163711b014c91a4bde8cfe0edbc8f4298d82002cb83dd94df528ddf3c754d359c90e77ef |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index
| MD5 | 54cb446f628b2ea4a5bce5769910512e |
| SHA1 | c27ca848427fe87f5cf4d0e0e3cd57151b0d820d |
| SHA256 | fbcfe23a2ecb82b7100c50811691dde0a33aa3da8d176be9882a9db485dc0f2d |
| SHA512 | 8f6ed2e91aed9bd415789b1dbe591e7eab29f3f1b48fdfa5e864d7bf4ae554acc5d82b4097a770dabc228523253623e4296c5023cf48252e1b94382c43123cb0 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | 050590e7b73c521f0311d31de3ecea9e |
| SHA1 | dcd2dac1cb1301927283ded7bea6d6faa9e41708 |
| SHA256 | 9f0a027811832d12dce7b02dcaf4ab0bfd4f9613afaf8d3f5984b684cac1070e |
| SHA512 | 851d3b1f8f4a4e129c00bb9605b5c0d260616bfde6e6a600120137d1fa71ee610d3579e730badeeeb15882a5de09909fb703bcf754b3f3b0f1039bdefa2dcbb8 |
memory/2232-1067-0x00000221CCCC0000-0x00000221CCDB4000-memory.dmp
memory/2232-1068-0x00000221E7260000-0x00000221E7346000-memory.dmp
memory/2232-1069-0x00000221CEB50000-0x00000221CEB76000-memory.dmp
memory/2232-1071-0x00000221CD240000-0x00000221CD24A000-memory.dmp
memory/2232-1070-0x00000221CD210000-0x00000221CD218000-memory.dmp
memory/2232-1072-0x00000221E76E0000-0x00000221E7792000-memory.dmp
memory/2232-1088-0x00000221E7850000-0x00000221E790A000-memory.dmp
memory/2232-1225-0x00000221E77D0000-0x00000221E7808000-memory.dmp
memory/2232-1226-0x00000221EAA80000-0x00000221EAA88000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | 639ee2665d94785396e59a212ca4567b |
| SHA1 | 1a9c04c93f799d121a7f8447a16635b94ae48905 |
| SHA256 | 8ee15e4ad1571f730128cf492442c4f5ec2e5b644e99e7052619e1f54ccf999e |
| SHA512 | b167bb390e9b51370de08654579240b9e46c075ba97d2255b0f2ea5e2faaf1d97e62b46c893255c0a40b8e7d3780648f77ba0028c26ae9ebf415c50669d231a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 094dba976ead3e0d4b1bba2a16c22a47 |
| SHA1 | 2e56a3347096f645ff6bfef987db725d34763a0c |
| SHA256 | 24818848a5ad7e6e97eb5abb6d7cca1d3c00759db3630e74f57987429b621463 |
| SHA512 | 03af6d66459a59c54c0bcac5bc9c93262ca0597f61d9592e0553ea154d6f2b49e92744139bab3a9c8468f31733ef37499dd8d5f00bb7a39fe5463f78a400170a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\49d6c7e0-eee9-4a62-85c6-146ffc067300\index-dir\the-real-index~RFe5eea4e.TMP
| MD5 | 1821f2488df0fd88342fa6389c724ba0 |
| SHA1 | 9fcd1859b00d6b7cb8e2079c409e94c1009ec041 |
| SHA256 | e234a56bc76d4ea98e618846dc8121e5ec3f72e03af32c6bb4a0f6e2dce75a52 |
| SHA512 | fd728200cdc40cf471463e65820f5d7d7a001eea462ef88ea0908b67177e859f8b910b6dab3966358b8dabfcaac58d9ddd78f5193a8bfef738c38298f20eae0e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 339e121ed48a0a92ee964f04e10586f6 |
| SHA1 | 918bfa7b9936c53f7e7250859f3804e9df9bed9a |
| SHA256 | b0f438f66351716ca331e20c807bd4d2156cb7ede3e2b945c1094e80394d63a4 |
| SHA512 | a15a92f76146b74735026ba1d63d245244642d0ca334a21f3bf8fe6d9b13110e20c46c845aa91da957ab0af34bdd8b406963df2941963aa89f566abfb0b9b84c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5eea2f.TMP
| MD5 | e423961f9b17a381b208102cb72effad |
| SHA1 | adfa8001acd794493b39300a47fe2c729dc50b37 |
| SHA256 | ddc47e13741d72a2363182930ac3aaded8f1c4a97370520ee5db5d0efe25bec1 |
| SHA512 | efd819605ae70994fb68e1ce21c7fe2e5b3a55afbd5cc8197da9254eba01fc0487e0815a3e72821c662d90caf6a550f7db6932fdbce7f4f265e4dd763baf54a9 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\49d6c7e0-eee9-4a62-85c6-146ffc067300\index-dir\the-real-index
| MD5 | 27277088b8d7dd1b3b20a3703e3f20bf |
| SHA1 | 7dea23f7dd1e0e687b9026c4ea0a49dd914b41ac |
| SHA256 | 534bd29c8117a57cf66324bb05c66da97540f5a0f0fd26bd1429c98659821ac4 |
| SHA512 | 17cf25ed8624cbcf6e2a021bf0172bdda4a7af521f03456057303aea1f383d6562faa1e0fcc4e581535ca6e6b1f2f12e9b0321a22d5178f705fe01427d56805c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69a4e7ad-d92a-42d4-9563-6a48468d63f3\index-dir\the-real-index
| MD5 | 8cd6872f06ec6493b4a05d8d3a3a8c7e |
| SHA1 | e9140593af0f208668230080f1c5a38ca8552a48 |
| SHA256 | fc15dc1d4a9b21a11e46d68ee6f0014d7fa8a31deaf012f22d008c2cfaf83c39 |
| SHA512 | fb4538085a878c6dd0ffdb33e6c62677a41d53588ad4f8642df5174858df2b1a9a00540551fbf4e0ac65edc52b386d685aac239357b627d0820c07ce3b6f092b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\69a4e7ad-d92a-42d4-9563-6a48468d63f3\index-dir\the-real-index~RFe5eea4e.TMP
| MD5 | f5ffd6ee8680ba0788ba437f5637c8ce |
| SHA1 | 48db19ad4e39295d70a7ea8ed59047b4ea7c55fb |
| SHA256 | 04e285fac127358865284c06d6fee83315159d62e013d11799741f125c539ed0 |
| SHA512 | e07d1d721e74de709fd05dddac6154ded571bd4c2a289cce2d12ccd1312148d1f2d7268d85d80833739e6a2dd261cb25103da777b6f9a7f6a7b895d2c483bc4a |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b617f9418d7b9c535a5f2fba97acd5f6 |
| SHA1 | 69ae72f96c66a6a18877f91b699ca90ea7522525 |
| SHA256 | d4c18c031015a115fc35cd3e6654ddfc49c3353780e66f7ce0a0184965ecfa7f |
| SHA512 | e9f1ca41ef9ad02a150d327f55c6bfadf4ca474a393da1bd1403a41bf51c87c259193e1866bab61496c5fa9eed754e415e60dcd493f2d78b1e6cbf60b4434a6f |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 77e6beb865f6e771cd6c0b6a408bcd9f |
| SHA1 | 7489769fdc19542cde221b59024f80c6df1b7cf7 |
| SHA256 | 0ba76b6f0bc0ff859d936e78b8c3cc49d6d2f148e3cbbecd77b10eba14f5e24b |
| SHA512 | 4c088b86863561bebc1205557238f8d095bfec9cebc64b5eabfa5fb926deee19462892223d60995a838e74fb2cb874070ab993717ef4c0abce94e1fb0d25725d |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
| MD5 | 79cc0f6e7871704fb4d9cb20ce8bf382 |
| SHA1 | 6c8a1bd6cc6142cb97ca55a54ee1031de668f563 |
| SHA256 | 4c03c89aed589a4de6bd4de3d0bef6f594fb735cca39b51dd7ce3e65188b035b |
| SHA512 | 792a0f7fc134c35efb1382d1316c25e8622e9c7ba5ff461934e61199baca2d7ed5644f1aef00d5ed5c5af3121f71b0ecdae097167eee30bc90da2b8b1a1b241a |
memory/2232-1372-0x00000221EA9A0000-0x00000221EA9AE000-memory.dmp
C:\Users\Admin\AppData\Local\Lossless Scaling\Settings.xml
| MD5 | d166d7472c7d0bfd76fc0bcd61dd43f1 |
| SHA1 | 493173eaba2d1a45a7e1364df9c310f227c3bb51 |
| SHA256 | bde0959d6507748cf0fd6ecae2a9d7d0e2cdb123f223958cda7f1778939fceef |
| SHA512 | 41887a6ad94f491d8dc7d749a89b8443a8aa79452819898aaeff628c92f7369d43bf4224daccf5fa8a020161179f747c1fccec6d82b2eec6dab6f68c0a442669 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | 158310041466dd2cfaa3877741689eef |
| SHA1 | 09c722fe9ac70131f1198532fd0ff89ff99900b7 |
| SHA256 | b8352d989d2d0da983c4792ca84b93227d3c6e012e65314f29ade7a7b7f7be60 |
| SHA512 | ad72b117704a932cf69cfd408643b0e0f40b10c1d546f6fd2f9b7be649b0108d13ffc51a92cb9eef998417cdaff543bd922b5fb73ed642f35e9dbed417e05cc8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 3c6cc3962b03490bf07840dd30b3ef69 |
| SHA1 | 9bde053857ecb08b59389abb6cf9fb7bdc2acb91 |
| SHA256 | 6e128be5c2d41b68289d51fc2ec6a35bbc9bffdcd20ad03b16499fc95b2714a6 |
| SHA512 | ccf4cadf267eb734a4c323b4a6f565c533a20a9009412157b5f49b292489f6870d4c71e4914148c558874f98d4763763cb866b7ecb80113b29c5a2b6a5a85ac1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f99fdc7781ef9c60cd120e6288da880b |
| SHA1 | d296bf359885b8392643db08584eae4d8a39a8af |
| SHA256 | f9452d7d1dd5d528ef3314653356c100dbdd86b274fd8ddcec0278b042db1ec2 |
| SHA512 | 28b5809ca74a4e6ce346dc8b25c25289e098d231ad5f36bc3264fe80ee7c426961fd0518aff2e22a9ae5d875c7f3fe0fe0be75e2a37511dc2e5e9ad951f6426d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | d19f86d166e0d309dd12b680f9312d95 |
| SHA1 | fbf81140860779d47920bc869425899d916969bd |
| SHA256 | a16ebcd82a4bc3a4ee08681e7976e0260eadbb00a3d245958aa28f8f06940d73 |
| SHA512 | 058bf004c834f8ef13957c4feb311d80110adfd327562818cefd6386301775b68a0743a4c26445d6d73dad273c5e9bca8e4bc0d2cd55280164bc828d33a0b8cd |