Malware Analysis Report

2025-01-17 21:38

Sample ID 240603-qceksagg87
Target https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fhoteliers.topgroupexpress.com%2flogin%3fsignature%3deyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Imd1ZXN0LnBhcmsub3Nsb0ByYWRpc3NvbmJsdS5jb20iLCJ1c2VyIjo1ODM3MywidmFsaWRhdGVkIjpmYWxzZSwidmVyaWZpZWQiOmZhbHNlLCJob3RlbCI6bnVsbCwiaG90ZWxfZ3JvdXAiOm51bGwsImxhbmciOiJlbiIsImV4cGlyZXMiOjE3MTgwMTI5MjIuMTU2Njg5fQ.sU9xtV9MrGMXi5xOAojngL5CCGk7y2%5flssm%2dxxZtZxo&umid=4449e05f-c09a-46b0-8c62-08040841188c&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-3a40a74568b0819042f64b6360b63296ed48a747
Tags
score
1/10

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The file https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fhoteliers.topgroupexpress.com%2flogin%3fsignature%3deyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Imd1ZXN0LnBhcmsub3Nsb0ByYWRpc3NvbmJsdS5jb20iLCJ1c2VyIjo1ODM3MywidmFsaWRhdGVkIjpmYWxzZSwidmVyaWZpZWQiOmZhbHNlLCJob3RlbCI6bnVsbCwiaG90ZWxfZ3JvdXAiOm51bGwsImxhbmciOiJlbiIsImV4cGlyZXMiOjE3MTgwMTI5MjIuMTU2Njg5fQ.sU9xtV9MrGMXi5xOAojngL5CCGk7y2%5flssm%2dxxZtZxo&umid=4449e05f-c09a-46b0-8c62-08040841188c&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-3a40a74568b0819042f64b6360b63296ed48a747 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary


Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-03 13:06

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-03 13:06

Reported

2024-06-03 13:09

Platform

win10v2004-20240508-en

Max time kernel

149s

Max time network

149s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fhoteliers.topgroupexpress.com%2flogin%3fsignature%3deyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Imd1ZXN0LnBhcmsub3Nsb0ByYWRpc3NvbmJsdS5jb20iLCJ1c2VyIjo1ODM3MywidmFsaWRhdGVkIjpmYWxzZSwidmVyaWZpZWQiOmZhbHNlLCJob3RlbCI6bnVsbCwiaG90ZWxfZ3JvdXAiOm51bGwsImxhbmciOiJlbiIsImV4cGlyZXMiOjE3MTgwMTI5MjIuMTU2Njg5fQ.sU9xtV9MrGMXi5xOAojngL5CCGk7y2%5flssm%2dxxZtZxo&umid=4449e05f-c09a-46b0-8c62-08040841188c&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-3a40a74568b0819042f64b6360b63296ed48a747

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133618936195889689" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3032 wrote to memory of 4372 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3032 wrote to memory of 588 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3032 wrote to memory of 1480 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3032 wrote to memory of 4540 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://ddec1-0-en-ctp.trendmicro.com/wis/clicktime/v1/query?url=https%3a%2f%2fhoteliers.topgroupexpress.com%2flogin%3fsignature%3deyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJlbWFpbCI6Imd1ZXN0LnBhcmsub3Nsb0ByYWRpc3NvbmJsdS5jb20iLCJ1c2VyIjo1ODM3MywidmFsaWRhdGVkIjpmYWxzZSwidmVyaWZpZWQiOmZhbHNlLCJob3RlbCI6bnVsbCwiaG90ZWxfZ3JvdXAiOm51bGwsImxhbmciOiJlbiIsImV4cGlyZXMiOjE3MTgwMTI5MjIuMTU2Njg5fQ.sU9xtV9MrGMXi5xOAojngL5CCGk7y2%5flssm%2dxxZtZxo&umid=4449e05f-c09a-46b0-8c62-08040841188c&auth=84247b409afe2128671efe0c5790aaffcd4c1d5f-3a40a74568b0819042f64b6360b63296ed48a747

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc074eab58,0x7ffc074eab68,0x7ffc074eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1684 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2260 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2968 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4564 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4332 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4204 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4692 --field-trial-handle=1912,i,7900679080592652195,13475339440573662545,131072 /prefetch:2

Network

Country Destination Domain Proto
US 8.8.8.8:53 232.168.11.51.in-addr.arpa udp
US 8.8.8.8:53 152.107.17.2.in-addr.arpa udp
US 8.8.8.8:53 ddec1-0-en-ctp.trendmicro.com udp
US 44.227.172.200:443 ddec1-0-en-ctp.trendmicro.com tcp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 200.172.227.44.in-addr.arpa udp
US 8.8.8.8:53 14.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
US 8.8.8.8:53 237.197.79.204.in-addr.arpa udp
NL 23.62.61.75:443 www.bing.com tcp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
US 8.8.8.8:53 75.61.62.23.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 217.106.137.52.in-addr.arpa udp
US 8.8.8.8:53 ctp.trendmicro.com udp
US 8.8.8.8:53 hoteliers.topgroupexpress.com udp
DE 51.195.5.38:443 hoteliers.topgroupexpress.com tcp
DE 51.195.5.38:443 hoteliers.topgroupexpress.com udp
US 8.8.8.8:53 38.5.195.51.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 backend.topgroups.travel udp
DE 51.195.5.38:443 backend.topgroups.travel tcp
DE 51.195.5.38:443 backend.topgroups.travel udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 56.126.166.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 57.169.31.20.in-addr.arpa udp
US 52.111.227.11:443 tcp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 204.79.197.200:443 tse1.mm.bing.net tcp

Files

\??\pipe\crashpad_3032_USGGAYKCWAAJLVPB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9128698f09dab3f2c032b1360d1ec279
SHA1 d8d3c02defeebfde312eb9d2d8f01cb4d95e2b21
SHA256 a2913ce4b49228cf2e78f0c92400a5e4efbda90bbee89af538dc1db69f38a968
SHA512 7f5ab53a19570284744af73eaac9590de40a7176ed7fb59405892a1b537cd7406e5b73c7ea602c1c8dba41f414f9637b397e7e6ea34cbd5113b0e3f5a6af44ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ac9cf1990283082be984c44e648f967b
SHA1 bc0565cfd6624e72a31a289986a468aad288df3c
SHA256 f793a3f1a8643c09070eb64e5b6ac54ffc8033b3f4a2bdf6cb4d64e47145cc52
SHA512 7fd3bc656dd279d0e916a56c72b682b0bf6212e67e7cb91e004f8f1bfe41418082324c0440e6ad9c5582aff546b90b1d570bc5a6b0a7fda4125c4d5e6040c148

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3538a887392581dc05067e709bdf99d9
SHA1 af3661afd9d6b4b3a9742b8980c5a17c677f5a7b
SHA256 6ae8edfc1ca1963c1064f9b057cc4441d0eab4f9730b310ebbec38961feacb22
SHA512 b04baf1541c55576eccb947230db074a46949b2edcbfe97b6cd358929b34b92b280365921cffb7657dfc33a188d115d30f7670d61fa6168afde499724e935d16

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 fdd0a33efb69746a96bc92b0c237130d
SHA1 5f314a982ab3580307e1ad27fb7589b5001d675e
SHA256 7dc91534ca8c3ba7a43420f7fb8e8769a186954d8b8ce22fa3537a2e74005200
SHA512 dee7f2f791f7732be4997cfc41eb105f0d4435ebd2b72b8e8d6276d2a23a9e1cabe3fc75b00d42d74b67a9e17a7f64121baa40d1c6cfe51b25227ab65f7a93a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\index.txt~RFe5772ee.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\404aaeb0-4f7d-4aaa-b3c8-36116cab1748\index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\404aaeb0-4f7d-4aaa-b3c8-36116cab1748\4e5acf41a05cf10f_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\404aaeb0-4f7d-4aaa-b3c8-36116cab1748\7b4534860d9f3f21_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe57b97c.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\7ff771d3-e6ac-4b5c-94cf-7114b55b07a3\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\7ff771d3-e6ac-4b5c-94cf-7114b55b07a3\index-dir\the-real-index~RFe57c10e.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\eafdc15f-96ac-413e-a7c5-818585b23b81\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\eafdc15f-96ac-413e-a7c5-818585b23b81\index-dir\the-real-index~RFe57c18b.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\404aaeb0-4f7d-4aaa-b3c8-36116cab1748\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\404aaeb0-4f7d-4aaa-b3c8-36116cab1748\index-dir\the-real-index~RFe57ccc6.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c714282c8045b936d9e42fbffa18d7104d3921e0\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\wasm\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
