Malware Analysis Report

2024-11-13 13:29

Sample ID 240604-a12gfsfh32
Target http://google.com
Tags
discovery evasion persistence spyware stealer trojan
score
8/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
8/10

Threat Level: Likely malicious

The file http://google.com was found to be: Likely malicious.

Malicious Activity Summary

discovery evasion persistence spyware stealer trojan

Modifies Installed Components in the registry

Checks computer location settings

Loads dropped DLL

Reads user/profile data of web browsers

Registers COM server for autorun

Executes dropped EXE

Checks installed software on the system

Checks whether UAC is enabled

Checks system information in the registry

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies Internet Explorer settings

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious behavior: LoadsDriver

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Suspicious behavior: AddClipboardFormatListener

Enumerates system info in registry

Checks processor information in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-04 00:41

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-04 00:41

Reported

2024-06-04 01:03

Platform

win10v2004-20240426-en

Max time kernel

770s

Max time network

752s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

Signatures

Modifies Installed Components in the registry

persistence
Description Indicator Process Target
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\IsInstalled = "1" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Version = "43,0,0,0" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\ = "Google Chrome" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath = "\"C:\\Program Files\\Google\\Chrome\\Application\\125.0.6422.142\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level --channel=stable" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Localized Name = "Google Chrome" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\ChromeSetup.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\125.0.6422.142_chrome_installer.exe N/A
N/A N/A C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\125.0.6422.142\elevation_service.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Reads user/profile data of web browsers

spyware stealer

Registers COM server for autorun

persistence
Description Indicator Process Target
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32 C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ = "\"C:\\Program Files\\Google\\Chrome\\Application\\125.0.6422.142\\notification_helper.exe\"" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD}\LocalServer32\ServerExecutable = "C:\\Program Files\\Google\\Chrome\\Application\\125.0.6422.142\\notification_helper.exe" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A

Checks installed software on the system

discovery

Checks whether UAC is enabled

evasion trojan
Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key value queried \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A

Checks system information in the registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\SystemInformation\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\config\systemprofile\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\default_apps\external_extensions.json C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\hi.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\hr.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\chrome_proxy.exe C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\updater.log.old C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\sv.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5324_1667279637\Filtering Rules C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\prefs.json C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\en-GB.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\VisualElements\SmallLogoCanary.png C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\el.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\id.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\it.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Application\new_chrome.exe C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\updater.log.old C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\updater.log.old C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\chrome_100_percent.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\d3dcompiler_47.dll C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\GoogleUpdater\72b1733a-4eb3-43f1-b430-119473909c8b.tmp C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5324_1125106605\_metadata\verified_contents.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\metadata C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\ca.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\fa.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\uninstall.cmd C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
File created C:\Program Files (x86)\Google5168_1133182337\updater.7z C:\Users\Admin\Downloads\ChromeSetup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\notification_helper.exe C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\settings.dat C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\vk_swiftshader.dll C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5324_2005249213\manifest.fingerprint C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\125.0.6422.142.manifest C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\bn.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\settings.dat C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\44262556-0d80-4531-9b63-18619b0d48c2.tmp C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\prefs.json C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\VisualElements\LogoBeta.png C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\hu.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\updater.log C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\metadata C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5324_1125106605\commerce_global_heuristics.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\125.0.6422.142_chrome_installer.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\da.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\chrome_Unpacker_BeginUnzipping5324_2005249213\crl-set C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\updater.log C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files (x86)\Google\GoogleUpdater\prefs.json~RFe5ccf8c.TMP C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\ml.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\mr.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\pt-BR.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\WidevineCdm\_platform_specific\win_x64\widevinecdm.dll C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\125.0.6422.142_chrome_installer.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\metadata C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files (x86)\Google5168_1133182337\bin\uninstall.cmd C:\Users\Admin\Downloads\ChromeSetup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\pl.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\sk.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files\Crashpad\metadata C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\et.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\72b1733a-4eb3-43f1-b430-119473909c8b.tmp C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files (x86)\Google\GoogleUpdater\prefs.json~RFe5cf7e4.TMP C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\WidevineCdm\LICENSE C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\metadata C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\981bb90d-c41c-44ab-aef1-cbf4d625c6d7.tmp C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\125.0.6422.142_chrome_installer.exe C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\ms.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source4140_829094191\Chrome-bin\125.0.6422.142\Locales\ru.pak C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\system32\mspaint.exe N/A
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\system32\mspaint.exe N/A
File opened for modification C:\Windows\Debug\WIA\wiatrace.log C:\Windows\system32\mspaint.exe N/A

Enumerates physical storage devices

Checks processor information in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3906287020-2915474608-1755617787-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133619358713024005" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Google C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC\SoftLockoutVolatileKey C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Google\Chrome C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Google\Chrome\InstallerPinned = "0" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19 C:\Windows\system32\svchost.exe N/A
Key created \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\NGC C:\Windows\system32\svchost.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{85AE4AE3-8530-516B-8BE4-A456BF2637D3}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\1.0\0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\1.0\0\win64\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\127.0.6490.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1F1289FD-DD10-4579-81F6-1C59AAF2E1A9}\TypeLib\ = "{1F1289FD-DD10-4579-81F6-1C59AAF2E1A9}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{F966A529-43C6-4710-8FF4-0B456324C8F4}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}\ = "IUpdaterObserverSystem" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{6430040A-5EBD-4E63-A56F-C71D5990F827} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{B7FD5390-D593-5A8B-9AE2-23CE39822FD4} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{699F07AD-304C-5F71-A2DA-ABD765965B54} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{F258BE54-7C5F-44A0-AAE0-730620A31D23}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4DC034A8-4BFC-4D43-9250-914163356BB0}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1F1289FD-DD10-4579-81F6-1C59AAF2E1A9}\ = "IAppCommandWebSystem" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{18D0F672-18B4-48E6-AD36-6E6BF01DBBC4}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{F4334319-8210-469B-8262-DD03623FEB5B} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{ACAB122B-29C0-56A9-8145-AFA2F82A547C}\TypeLib C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{F966A529-43C6-4710-8FF4-0B456324C8F4}\1.0\ = "GoogleUpdater TypeLib for IPolicyStatus4System" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{34527502-D3DB-4205-A69B-789B27EE0414}\1.0\0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{27634814-8E41-4C35-8577-980134A96544}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{27634814-8E41-4C35-8577-980134A96544}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{1F1289FD-DD10-4579-81F6-1C59AAF2E1A9} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{F4334319-8210-469B-8262-DD03623FEB5B}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{B4168B26-4DAC-5948-8F80-84C2235AD469}\1.0 C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5F793925-C903-4E92-9AE3-77CA5EAB1716}\TypeLib\ = "{5F793925-C903-4E92-9AE3-77CA5EAB1716}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\TypeLib\ = "{494B20CF-282E-4BDD-9F5D-B70CB09D351E}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4DC034A8-4BFC-4D43-9250-914163356BB0}\TypeLib\ = "{4DC034A8-4BFC-4D43-9250-914163356BB0}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{8476CE12-AE1F-4198-805C-BA0F9B783F57}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{05A30352-EB25-45B6-8449-BCA7B0542CE5}\1.0\ = "GoogleUpdater TypeLib for IPolicyStatus3" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{85AE4AE3-8530-516B-8BE4-A456BF2637D3}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{05A30352-EB25-45B6-8449-BCA7B0542CE5}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{1588C1A8-27D9-563E-9641-8D20767FB258}\TypeLib C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{0486745C-8D9B-5377-A54C-A61FFAA0BBE4}\1.0\0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{6430040A-5EBD-4E63-A56F-C71D5990F827}\TypeLib\Version = "1.0" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{F966A529-43C6-4710-8FF4-0B456324C8F4}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{F4FE76BC-62B9-49FC-972F-C81FC3A926DB}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{494B20CF-282E-4BDD-9F5D-B70CB09D351E} C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{ACAB122B-29C0-56A9-8145-AFA2F82A547C}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{E9CD91E3-A00C-4B9E-BD63-7F34EB815D98}\ = "ICurrentStateSystem" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{F4FE76BC-62B9-49FC-972F-C81FC3A926DB}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6430040A-5EBD-4E63-A56F-C71D5990F827}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{6430040A-5EBD-4E63-A56F-C71D5990F827}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{699F07AD-304C-5F71-A2DA-ABD765965B54}\1.0\0\win64\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\127.0.6490.0\\updater.exe\\4" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{D106AB5F-A70E-400E-A21B-96208C1D8DBB}\1.0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{463ABECF-410D-407F-8AF5-0DF35A005CC8}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{B4168B26-4DAC-5948-8F80-84C2235AD469}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{534F5323-3569-4F42-919D-1E1CF93E5BF6}\AppID = "{534F5323-3569-4F42-919D-1E1CF93E5BF6}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{ABC01078-F197-4B0B-ADBC-CFE684B39C82}\ServiceParameters = "--com-service" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{C4622B28-A747-44C7-96AF-319BE5C3B261}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DD42475D-6D46-496A-924E-BD5630B4CBBA}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\WOW6432Node\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\TypeLib C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ProxyStubClsid32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{27634814-8E41-4C35-8577-980134A96544}\1.0\0\win64 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{ACAB122B-29C0-56A9-8145-AFA2F82A547C}\1.0\0 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}\TypeLib\ = "{B16B5A0E-3B72-5223-8DF0-9117CD64DE77}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{699F07AD-304C-5F71-A2DA-ABD765965B54}\ProxyStubClsid32\ = "{00020424-0000-0000-C000-000000000046}" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\TypeLib\{5F793925-C903-4E92-9AE3-77CA5EAB1716}\1.0\0\win32 C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\TypeLib\{B685B009-DBC4-4F24-9542-A162C3793E77}\1.0\0\win64\ = "C:\\Program Files (x86)\\Google\\GoogleUpdater\\127.0.6490.0\\updater.exe\\6" C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A
N/A N/A C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeSecurityPrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeRestorePrivilege N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: 35 N/A C:\Program Files\7-Zip\7zFM.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\SystemSettingsAdminFlows.exe N/A
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Windows\system32\mspaint.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A
N/A N/A C:\Windows\system32\osk.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4584 wrote to memory of 4512 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 4512 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 1652 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3900 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 3900 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4584 wrote to memory of 2984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://google.com

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee95dab58,0x7ffee95dab68,0x7ffee95dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1660 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2116 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3988 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4464 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4624 --field-trial-handle=1912,i,11055041670851608890,15486095822711149146,131072 /prefetch:8

C:\Windows\system32\SystemSettingsAdminFlows.exe

"C:\Windows\system32\SystemSettingsAdminFlows.exe" TroubleshootActivation

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Program Files\7-Zip\7-zip.chm"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\7zO8A38B7AA\start.htm

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffedad546f8,0x7ffedad54708,0x7ffedad54718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2060,2753143702404383264,11697115709657226737,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1960 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2060,2753143702404383264,11697115709657226737,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2156 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2060,2753143702404383264,11697115709657226737,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2628 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,2753143702404383264,11697115709657226737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2060,2753143702404383264,11697115709657226737,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\7zOCCDF813B\117.bmp"

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DeviceAssociationService

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\7zOCCDB990B\116.bmp"

C:\Windows\system32\mspaint.exe

"C:\Windows\system32\mspaint.exe" "C:\Users\Admin\AppData\Local\Temp\7zOCCD1136B\118.bmp"

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" -Iskins

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe"

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe"

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe"

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=FFE3F88052F6B19FF41D5432AD4B1961 --mojo-platform-channel-handle=1752 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=3BC08128602C1DAB11E8F7F7CF797702 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=3BC08128602C1DAB11E8F7F7CF797702 --renderer-client-id=2 --mojo-platform-channel-handle=1764 --allow-no-sandbox-job /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=B331421BCCB95C0B244FFE9940DBB94C --mojo-platform-channel-handle=2324 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=826C35BF4E9A81D78BE2EC715F7C2854 --mojo-platform-channel-handle=1780 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=E6B2C624A6B06E7C14A9340A73864DAA --mojo-platform-channel-handle=2344 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x128,0x12c,0x130,0x104,0x134,0x7ffee95dab58,0x7ffee95dab68,0x7ffee95dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2000 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2296 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3108 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3140 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4472 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4556 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4704 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4936 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4996 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4744 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x258,0x25c,0x260,0x234,0x264,0x7ff7b4d3ae48,0x7ff7b4d3ae58,0x7ff7b4d3ae68

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4992 --field-trial-handle=1952,i,7557626865235343476,1096499017782395809,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee95dab58,0x7ffee95dab68,0x7ffee95dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1704 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2232 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3080 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3096 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4360 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4492 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4512 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4212 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4876 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5032 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4964 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4856 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5080 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5528 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5704 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5252 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5056 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5200 --field-trial-handle=1948,i,18414451282750820202,11324816270158412764,131072 /prefetch:8

C:\Users\Admin\Downloads\ChromeSetup.exe

"C:\Users\Admin\Downloads\ChromeSetup.exe"

C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe

"C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe" --install=appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={0746E5A0-DDD9-A2C2-CEEF-C6BD5D321287}&lang=en&browser=4&usagestats=1&appname=Google%20Chrome&needsadmin=prefers&ap=x64-statsdef_1&installdataindex=empty --enable-logging --vmodule=*/components/winhttp/*=1,*/components/update_client/*=2,*/chrome/updater/*=2

C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe

"C:\Program Files (x86)\Google5168_1133182337\bin\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x27c,0x280,0x284,0xc8,0x288,0x131758c,0x1317598,0x13175a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update-internal

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x280,0x284,0x288,0x25c,0x28c,0xa2758c,0xa27598,0xa275a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x278,0x27c,0x280,0x254,0x284,0xa2758c,0xa27598,0xa275a4

C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\125.0.6422.142_chrome_installer.exe

"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\125.0.6422.142_chrome_installer.exe" --verbose-logging --do-not-launch-chrome --channel=stable --installerdata="C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\642f3e2f-38f8-42e2-a160-a4a71dde418e.tmp"

C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe

"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe" --install-archive="C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --channel=stable --installerdata="C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\642f3e2f-38f8-42e2-a160-a4a71dde418e.tmp"

C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe

"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x278,0x27c,0x280,0x274,0x270,0x7ff623342698,0x7ff6233426a4,0x7ff6233426b0

C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe

"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe" --channel=stable --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe

"C:\Program Files (x86)\chrome_Unpacker_BeginUnzipping5020_1494455147\CR_1060F.tmp\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0x7ff623342698,0x7ff6233426a4,0x7ff6233426b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffee95dab58,0x7ffee95dab68,0x7ffee95dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1712 --field-trial-handle=1888,i,3235886145249372304,18183224778469999480,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2168 --field-trial-handle=1888,i,3235886145249372304,18183224778469999480,131072 /prefetch:8

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x278,0x27c,0x280,0x254,0x284,0xa2758c,0xa27598,0xa275a4

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --rename-chrome-exe --system-level --verbose-logging --channel=stable

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x290,0x294,0x298,0x26c,0x29c,0x7ff61e272698,0x7ff61e2726a4,0x7ff61e2726b0

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --channel=stable --delete-old-versions --system-level --verbose-logging

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe" --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Program Files\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0x270,0x274,0x278,0x24c,0x27c,0x7ff61e272698,0x7ff61e2726a4,0x7ff61e2726b0

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --flag-switches-begin --flag-switches-end

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=125.0.6422.142 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ffed4761c70,0x7ffed4761c7c,0x7ffed4761c88

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=2036,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=2028 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1956,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=2196 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2300,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=2780 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=2932,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=3124 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=2944,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=3240 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4572,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=4592 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --enable-chrome-cart --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4816,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=4788 /prefetch:1

C:\Program Files\Google\Chrome\Application\125.0.6422.142\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\125.0.6422.142\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=3728,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=3716 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4912,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=4804 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --field-trial-handle=4948,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=5056 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc

C:\Windows\system32\osk.exe

"C:\Windows\system32\osk.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=208,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=4632 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=4280,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=5036 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5284,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=3228 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=5056,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=5100 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --field-trial-handle=3316,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=5052 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3244,i,4186967344657110796,1583820461011681209,262144 --variations-seed-version=20240603-050140.191000 --mojo-platform-channel-handle=5196 /prefetch:8

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --wake --system

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x278,0x27c,0x280,0x254,0x284,0xa2758c,0xa27598,0xa275a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update-internal

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x27c,0x280,0x284,0x258,0x288,0xa2758c,0xa27598,0xa275a4

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --system --windows-service --service=update

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe

"C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\updater.exe" --crash-handler --system "--database=C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad" --url=https://clients2.google.com/cr/report --annotation=prod=Update4 --annotation=ver=127.0.6490.0 "--attachment=C:\Program Files (x86)\Google\GoogleUpdater\updater.log" --initial-client-data=0x280,0x284,0x288,0x25c,0x28c,0xa2758c,0xa27598,0xa275a4

Network

Country Destination Domain Proto
US 8.8.8.8:53 google.com udp
GB 142.250.178.14:80 google.com tcp
GB 142.250.178.14:80 google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 83.210.23.2.in-addr.arpa udp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 ogs.google.com udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.187.238:443 ogs.google.com tcp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 216.58.213.3:443 ssl.gstatic.com tcp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 142.250.179.238:443 play.google.com udp
US 8.8.8.8:53 195.212.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 74.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 238.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 3.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 99.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 71.31.126.40.in-addr.arpa udp
US 8.8.8.8:53 238.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 66.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 95.221.229.192.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 68.32.126.40.in-addr.arpa udp
GB 142.250.187.238:443 ogs.google.com udp
US 8.8.8.8:53 cxcs.microsoft.net udp
BE 104.68.66.114:443 cxcs.microsoft.net tcp
NL 23.62.61.129:443 www.bing.com tcp
US 8.8.8.8:53 114.66.68.104.in-addr.arpa udp
US 8.8.8.8:53 129.61.62.23.in-addr.arpa udp
US 8.8.8.8:53 103.169.127.40.in-addr.arpa udp
US 8.8.8.8:53 171.39.242.20.in-addr.arpa udp
US 8.8.8.8:53 138.32.126.40.in-addr.arpa udp
US 8.8.8.8:53 67.32.209.4.in-addr.arpa udp
US 8.8.8.8:53 249.197.17.2.in-addr.arpa udp
US 8.8.8.8:53 14.227.111.52.in-addr.arpa udp
US 8.8.8.8:53 16.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 164.189.21.2.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.238:443 clients2.google.com tcp
US 8.8.8.8:53 ogs.google.com udp
GB 142.250.187.238:443 ogs.google.com udp
US 8.8.8.8:53 ssl.gstatic.com udp
GB 216.58.213.3:443 ssl.gstatic.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.179.238:443 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
GB 216.58.213.3:443 ssl.gstatic.com udp
GB 142.250.187.238:443 ogs.google.com udp
US 8.8.8.8:53 www.youtube.com udp
GB 142.250.179.238:443 www.youtube.com tcp
US 8.8.8.8:53 tools.google.com udp
US 8.8.8.8:53 s.ytimg.com udp
GB 172.217.169.46:443 tools.google.com tcp
US 8.8.8.8:53 104.201.58.216.in-addr.arpa udp
US 8.8.8.8:53 14.213.58.216.in-addr.arpa udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 14.180.250.142.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.178.10:443 content-autofill.googleapis.com udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 10.178.250.142.in-addr.arpa udp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
GB 142.250.179.226:443 googleads.g.doubleclick.net tcp
US 8.8.8.8:53 2542116.fls.doubleclick.net udp
GB 216.58.204.70:443 2542116.fls.doubleclick.net tcp
GB 216.58.204.70:443 2542116.fls.doubleclick.net udp
US 8.8.8.8:53 226.179.250.142.in-addr.arpa udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 2.178.250.142.in-addr.arpa udp
GB 142.250.179.226:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 2.180.250.142.in-addr.arpa udp
GB 172.217.169.46:443 tools.google.com udp
US 8.8.8.8:53 csp.withgoogle.com udp
GB 172.217.169.81:443 csp.withgoogle.com tcp
US 8.8.8.8:53 81.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 update.googleapis.com udp
GB 216.58.204.67:443 update.googleapis.com tcp
US 8.8.8.8:53 67.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 67.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 123.35.104.34.in-addr.arpa udp
GB 216.58.204.67:443 update.googleapis.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.200.14:443 www.youtube.com tcp
US 8.8.8.8:53 84.27.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 142.250.179.238:443 play.google.com tcp
US 8.8.8.8:53 update.googleapis.com udp
GB 216.58.204.67:443 update.googleapis.com tcp
GB 216.58.204.67:443 update.googleapis.com tcp
GB 216.58.204.67:443 update.googleapis.com udp
US 8.8.8.8:53 chromewebstore.googleapis.com udp
GB 172.217.169.74:443 chromewebstore.googleapis.com tcp
US 8.8.8.8:53 74.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 update.googleapis.com udp

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 522e3bbbd136056436595dc46ab01df9
SHA1 8ec14b84e8a240f207a6dc9e21106d9d7f0c8b9a
SHA256 2c78586fadda611133983012f486266e27ceb527a3285e47c8fdfcc9bb8042e4
SHA512 2d614e848dd3c9d2c2f93f384c41e2fe2435401ba148561150309b7680625b5c299e6c3709d66577c8915ca33c3904f5df8e319a6146ff37d3213639b5a2124d

\??\pipe\crashpad_4584_KLZYQKVBHQZOIKRC

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 f1b2863171e2c1468344978d3221068d
SHA1 e94986091a19d5ffb50ac53ab19aa4c2fe74b172
SHA256 721a8cfddfebffab7fe6514e20e5b6434cdf43ea49e5c5d7deebf355b5b0b48c
SHA512 3d536dcbbb956915f7a4d19732cada71ecb89bb8ae12b74083112c273aad7119ae1372499ace02a2032f102acb8d368cbced3ff9406bbfcbcf8b2fb322fbd2dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d287618d791a4578e40045e77cd514bf
SHA1 74833de88384c369766c6b1c71daebd176338696
SHA256 78d247678412bebb0a46713ab0026fa1885ad5d5a6d1f97e783cd087e32e5455
SHA512 34c495cf59c8886dda96ea5f6e5fffe1b5ead08fa8f19d99af23ec4ffad428d7b2e75e24aaa79711ad90a638fa90c466edc61d02274d25aae39367528c42b44d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 dcbdd42a777f4263e00b13a2e6277af1
SHA1 a6abfbff754ba1801f20c7e462ef9e8ecdd4b985
SHA256 92cd875d2651e413f64aaaecc340d552de6b951648f406606961c81f0a9fdc61
SHA512 96c7f8e237e3bf152a14145e19fb3ad4b5b4238427dfb1b892519d174f5180d8f661683423174c8719f9444ba67b0a12db553a8c2792fcb3b55810bc38121f6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a1de3540dd58ecd8a88bb16f90af5c3
SHA1 579cc14c07a625f9b3f1f5f52e365f4a5ebfe9b9
SHA256 6896d9bd721ea2afd67cb30fedbe9eac489b5f6860361e985dbe0c1001d0c74e
SHA512 d3da8d931117c483377ffa2df58eb336943a796f3efda5200441cec952d04aa5657faa80ce8aca49868065c158a33a508b85c58fd789a89cc4bb3c69eeb9424b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 7111b0888560a3fb103d87f501cda535
SHA1 cc7eb6040a956e4afbaa6d78eaf1aeee341920f7
SHA256 daa1bbcbdb21a2e71876e3c2323fa10716d8983ea7e5f2f26eb64d45be223703
SHA512 0f1b133331dad83193312122b4af5de800e986a022654c9682bca7bee91f8a45e74c9c177dc3dc36201fc4b7435a7ba822358898a68555e07746e646a11bb45e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 dfdddb746d894882efe7a192f893d172
SHA1 86849c184581a2a5debcee09ff46e54a0f045eeb
SHA256 d2509626b315491ee09716609067794531d3ebeec997bdc00a10b4ea26541b6f
SHA512 e1ae178c424bedc06936b2fb96d46931d962f603902f1806a806ed8a6caaa107b7b4df78113dcbaa7571f07705435ea42486f26a90c76999ee5c7bf5bd84faa4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 28a1581a4af6e85a79c305b5b506eb23
SHA1 0d6829ef4e8dc6a545bc0cf4a7a0ddf432999756
SHA256 b13df0177849b96f8f007607a6683c2b8a40aaca912a28b899da32e5ea4d8116
SHA512 76e189ed662cae01d314cab0620a7a822a4a486381cce04fbb4f0ce43e8a91696aad0f78f0b37c4b97456277af805dca9086bbf7b9733bc63e5cb3d7335facd9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 c62e90b070a4ec4fd32051817a465201
SHA1 a141ceb60c3ad341160677ce83b665c4e63f5c32
SHA256 60b6d128911fda26435b38386377a3e7ef245285b66c452f16768e6d21a37944
SHA512 2ff2a3fa119583f140478b262698121c5cd8a9702a21aa1b03b74144c7a043065017a4cf58ad774afcb750caf47e85b1c25b44ee730ccac5a21e87c1379569e7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 f53207a5ca2ef5c7e976cbb3cb26d870
SHA1 49a8cc44f53da77bb3dfb36fc7676ed54675db43
SHA256 19ab4e3c9da6d9cedda7461efdba9a2085e743513ab89f1dd0fd5a8f9486ad23
SHA512 be734c7e8afda19f445912aef0d78f9941add29baebd4a812bff27f10a1d78b52aeb11c551468c8644443c86e1a2a6b2e4aead3d7f81d39925e3c20406ac1499

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 ae54e9db2e89f2c54da8cc0bfcbd26bd
SHA1 a88af6c673609ecbc51a1a60dfbc8577830d2b5d
SHA256 5009d3c953de63cfd14a7d911156c514e179ff07d2b94382d9caac6040cb72af
SHA512 e3b70e5eb7321b9deca6f6a17424a15b9fd5c4008bd3789bd01099fd13cb2f4a2f37fe4b920fb51c50517745b576c1f94df83efd1a7e75949551163985599998

C:\Users\Admin\AppData\Local\Temp\7zO8A38B7AA\start.htm

MD5 e9ecc143374c617dbd7c94d0c79bbab2
SHA1 68d1e74faff81a06c9d59248591a35482efd16b4
SHA256 be9500078f65ec4ae59d92c4acba4abcf90427b4951878a48ac5bf221bf2e2d2
SHA512 eaf4badcca5c7da17a0f38881426a0ed955f7903a7f25de2d65a1a513d62c7e733f77f31f6adeb0844ac31be4bdc717ec0c006ce74fafe59709e01ad482f25ac

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 26a0e13d522ce3f09ff7e69de8a9a65d
SHA1 45fac661067542f35ee02c7832215384ae4fd199
SHA256 ce5ac63e7c5d88545beb12412ebcf60529db6dc118e43593be965376966d2ce8
SHA512 340a2f25707ad0b3918b24717142d369964f5bf418bccbb306bab771a7696b1ce375e61babacdafc12138fc23f74a41fefcb5e4365b690d9f5ba5e1c0a9bbc10

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0055725a6e7cad8d851d2fe203b346ad
SHA1 c2622936e228b54d3cb621b8641e1fab838fa551
SHA256 3a76969726717b7dd3e99e12c47c237c1321fac46b01197871778ade100bb022
SHA512 a5e646a4389b35dd7a85310bd319bafb6dcae3bba9c8638204234f4e08e26c3d57cc78e9e6a2ef92c9e80e699d9df465a87a96d9b6383f6b62b477e36b93be3c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a8e8e3041da9c664898627b7d2bd026e
SHA1 a480bc1da2213f714e7625ac5c31579406b5cb16
SHA256 7bfe0abe53b1205ed81abfc0b1e002f21022da392cffec61abb78cbaff767e41
SHA512 08f6a85b20dc104237c300b958abffc5a43678699cf424bf2b4183f67537e2d65fb2338f09b9dfd67ddc5f8eccddefc67059f9f699f208f5974813b85aa18b65

C:\Users\Admin\AppData\Local\Temp\7zOCCDF813B\117.bmp

MD5 447a6a61d8c932dbd3a3c3217b664943
SHA1 d90af4a989eba0b573ed75df35d3aed6cb5972f3
SHA256 4348bf27d2b5b8a6dc097314376dd7e62b4867f316aa03f78a4e3967166db313
SHA512 4cf2fae3ef8ba26afe42efe9633f07061c7789c5258d51e98f4a9281417234f18d798b889ac5d6b2ff7b823f1a1e8ce367799f359cfcaf060b50203ff67c95c4

C:\Users\Admin\AppData\Local\Temp\7zOCCDB990B\116.bmp

MD5 72a00d7d30beb50094845dcfc6c2a4d8
SHA1 064076f981e94113e77225f253eb20ce64cb1a1c
SHA256 af2419c9cfe6420a0ead03a29b5a2415d964949bffad4c9db3f2329cd4749d06
SHA512 467d35339aa917f5754004f3531cc172ad3ee4336aff440c7ae60db849e051b28d3ff63bf9b7b0294a19b487da87e52b43653e09348f090c19538df16f4a3edf

C:\Windows\Debug\WIA\wiatrace.log

MD5 45e3a37797d171c634db963152685bc4
SHA1 c8bb2d8d53496f4393739730ba6d8df426aa00f7
SHA256 ad0493ab47d300fe80cce7a115fff43e1333c071023aea8ff180c23ee8ebef7e
SHA512 241a623d34961111a2986c98418bab3dd0a2d9231b64cc1f3ddbf277265dcabad367df3f0dde99aeb82154de86b53abaf64d6398041860fceacf6838b76d1abf

C:\Users\Admin\AppData\Local\Temp\7zOCCD1136B\118.bmp

MD5 20405690d2910d5313526c6c3c190c52
SHA1 cd24b34a76b7fb40819bf058921d64f583d72069
SHA256 41efc4e06f2e16a1e1157896ef0310af0c54f75376e09b16ee43caef1998a8fe
SHA512 26907491a2797581c5e2b3e9d8094132c175decfec82115084ab784a9dabb49a6599e8051f5e7c57d1fa760f2526cfb773d44fff45e7b0c110bf4d9f107429b7

C:\Windows\Debug\WIA\wiatrace.log

MD5 1d4db1a6c768aaac1e4fe4936e110ee9
SHA1 bbd8c26402f31f6f111b07ddc2a68725b2923838
SHA256 6f19ea8baa7b5224eed3c5bd12218c4b7f1e5096829af1136d1069fc0977d48b
SHA512 20fd51a586110b97179171595e0cabf82ea9dd2db13f58ee463742ae4a5cc69c81c810a0268f0d1f7f83309d2e4351fc6f99ae9ef6d1f431d3be8a18bf1f737e

memory/1992-365-0x00007FFEEA0B0000-0x00007FFEEA0E4000-memory.dmp

memory/1992-364-0x00007FF7634F0000-0x00007FF7635E8000-memory.dmp

memory/1992-370-0x00007FFEEA050000-0x00007FFEEA067000-memory.dmp

memory/1992-371-0x00007FFEE9A20000-0x00007FFEE9A3D000-memory.dmp

memory/1992-372-0x00007FFEE5850000-0x00007FFEE5861000-memory.dmp

memory/1992-366-0x00007FFEDA560000-0x00007FFEDA816000-memory.dmp

memory/1992-369-0x00007FFEEA3B0000-0x00007FFEEA3C1000-memory.dmp

memory/1992-368-0x00007FFEEADE0000-0x00007FFEEADF7000-memory.dmp

memory/1992-367-0x00007FFEEDB20000-0x00007FFEEDB38000-memory.dmp

memory/1992-373-0x00007FFED9960000-0x00007FFED9BA5000-memory.dmp

memory/1992-375-0x00007FFEDBC60000-0x00007FFEDBC81000-memory.dmp

memory/1992-380-0x00007FFEDAC00000-0x00007FFEDAC1B000-memory.dmp

memory/1992-379-0x00007FFEDAEF0000-0x00007FFEDAF01000-memory.dmp

memory/1992-378-0x00007FFEDAF10000-0x00007FFEDAF21000-memory.dmp

memory/1992-377-0x00007FFEE0E30000-0x00007FFEE0E41000-memory.dmp

memory/1992-376-0x00007FFEE5830000-0x00007FFEE5848000-memory.dmp

memory/1992-374-0x00007FFED88B0000-0x00007FFED9960000-memory.dmp

memory/688-383-0x00007FFEDA560000-0x00007FFEDA816000-memory.dmp

memory/688-389-0x00007FFEE5850000-0x00007FFEE5861000-memory.dmp

memory/688-388-0x00007FFEE9A20000-0x00007FFEE9A3D000-memory.dmp

memory/688-387-0x00007FFEEA050000-0x00007FFEEA067000-memory.dmp

memory/688-386-0x00007FFEEA3B0000-0x00007FFEEA3C1000-memory.dmp

memory/688-385-0x00007FFEEADE0000-0x00007FFEEADF7000-memory.dmp

memory/688-391-0x00007FFEDAB20000-0x00007FFEDAB87000-memory.dmp

memory/688-384-0x00007FFEEDB20000-0x00007FFEEDB38000-memory.dmp

memory/688-382-0x00007FFEEA0B0000-0x00007FFEEA0E4000-memory.dmp

memory/688-381-0x00007FF7634F0000-0x00007FF7635E8000-memory.dmp

memory/688-390-0x00007FFED88B0000-0x00007FFED9960000-memory.dmp

memory/688-418-0x00007FFED88B0000-0x00007FFED9960000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CrashpadMetrics-active.pma

MD5 d9a49a7d6d5ca840cf0f0e937007e278
SHA1 90197e483cc1bf8970cb6012997b1968f43d8e78
SHA256 183acf4a52e283da352ac2e3d51d43dbdd1534325f4585b6763a4ef38151b876
SHA512 142acbf150500db5f703b3e56c42895cb4374927f6e26adb02f090cf18e9797b8f4e34b7e621de6daf03093cc0a7df73cb4328525ac7a1a4f36e2b61dfde0642

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 772424160a740ab46f10d75ee3f72e87
SHA1 ce1d08ca4145f6a14ce3727642af5a997f73d1e5
SHA256 00ee43ab7fd127a5e0b86cb4db053f67544834eac165db5b54f4b1d406952b84
SHA512 920600c6e67f96b735a40de5e0c4bc1c585f49dc7e92bb07295bc0fed6b1ec3814f5813690d169d574b7184a6cad67cbf97718c224b0cd95cf7df239ab536d88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 bc6142469cd7dadf107be9ad87ea4753
SHA1 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c
SHA256 b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557
SHA512 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

MD5 e7bafc5323d5ac3da56242eb984c9ce3
SHA1 cc85b42c3240d2699174afa61405db0214e1460e
SHA256 09325f797a2ca83f3f39bbc52b28414f9936b4b800de9d3ecf9d6c46027ea5a7
SHA512 cee93634dc6042e1b8c67de035e59817a5607be35fc2464a24167266172268b59496a2a77e8f13065cf5bd7c6de15abbcfb50f4d90e31139e3dde746ccd1d3af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 666fbb4bcb5e0cc2ab42cdb1c868a081
SHA1 ce136ca705dee89f0adaa033f1aacd1caf11e494
SHA256 b4596cf14185521ffc4f70877c31ddec6c60826faabdaf5703fcbbf189ce399f
SHA512 81dae2b48c9d229838b6d83daa9b79674a3129ebaa51118624712d7e4e1064aa3dfaf48ec3210c29f8abcaa01070be478b202b83da5df9d190e17da96d06b3c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL

MD5 77875c51fc04bd8d7ee84fa71462f7a5
SHA1 17419ca497658d8f5b55016c0a59f96f7754945d
SHA256 058ac1b620f7752eec87fb7fed627011b91961e47e2c468c10bcc8773ab4e79f
SHA512 926ec34554b834ee4d082bf74f783a1e5d83abb3bf225aca6fb8735e23b9de2e7ab47a8e979885bf37e3ef3f1906efcb7255af9069035829a45bbe7ad536ce4a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies

MD5 7ea3e1c883e29e83d2cdc966c8c60567
SHA1 2d4491e56542594f7f355d686967d30dfea249a4
SHA256 dce309a6818a96aaca24e60c1c7a8411af0ac2ac69b9e0bee75067fe01cf99e1
SHA512 4a220859e39850ad70a8bee8a45c5cba78d10294aeb5abb989e816556357f59d118257e298a58e3309e4ad6b35b910a4f42dfb3ec3c93ba48b1841a317989308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

MD5 387ed93f42803b1ec6697e3b57fbcef0
SHA1 2ea8a5bfbf99144bd0ebaebe60ac35406a8b613e
SHA256 982aac952e2c938bd55550d0409ece5f4430d38f370161d8318678fa25316587
SHA512 7c90f69a53e49bad03c4cefd9868b4c4ba145e5738218e8c445ff6ae5347153e3a2f2b918cbe184b0366afd53b984634d2894fea6f31a4603e58ccb6bfa5c625

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000f

MD5 854d8f1456d7644fb9d898c7ebe2cbec
SHA1 8fad7662e6472463678d1a7370a7d4f8b09be151
SHA256 f78af03c74ad4f4c395e256a2d55a9ac74e333a1b2eedeb6272d78c00f740609
SHA512 7d0c6ba19dd54aeaee0b5a9a00e5a8c2b08656e159805410d42b6833df899bd0133d74441a8b2fa30353b9d99647369909135f59b4e4b804c242b6b0b24245c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000e

MD5 d2df18f45ffe5acc8b33bc57a9b367ef
SHA1 235afec7a50d5eb9b81dcc65e5fa420ae4183807
SHA256 a95f1c92e3b251c3dac8c8893a16ae6e1bd0a179b3a289e100172b1f642e6709
SHA512 87e9c3554538d0a79476f944fea1b0ef304ce626ed32c2276d3191cfd7c5aef8b8de3f864bca85feeca1c363bdb1c0431b80d0e4b5c2936dc6643cefcccb4308

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13361935880801286

MD5 0ca9c08fc7eca3253b0a2591cd97e77b
SHA1 6a8e4f2866cf6f805c7edd772f52adafd0278b7f
SHA256 72cd547bd8f777905ecb0fb3add53432a2c5849e57c2742c455228e2f5799ca9
SHA512 5aba08365700174bb012465a5c369292438b2ef5b6e9c16ea575546721366ff4bd33e4ced472993f8c4395a8283635aeb88b9ef8dd80824a5054d419445042d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4042436d-d3ae-4437-b3cc-3fae8e1178fd.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000d

MD5 f61f0d4d0f968d5bba39a84c76277e1a
SHA1 aa3693ea140eca418b4b2a30f6a68f6f43b4beb2
SHA256 57147f08949ababe7deef611435ae418475a693e3823769a25c2a39b6ead9ccc
SHA512 6c3bd90f709bcf9151c9ed9ffea55c4f6883e7fda2a4e26bf018c83fe1cfbe4f4aa0db080d6d024070d53b2257472c399c8ac44eefd38b9445640efa85d5c487

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

MD5 2b68c982da9bea2c6e8c7a1f9534d8f1
SHA1 1a33cfba68287b56f18f26805a895b4af3fad310
SHA256 40818a21e518f94b06593f7045c723d87e499f6d20f0a8f60e02ae298a030f11
SHA512 bc2d20f8257ccdb029bb5c4cf0c6614cf9db19bd92f93b2d65f70647a9462f951ee659d801068296829da62ef26ee6cd4e5944ae04d51d6a8adba287174850ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

MD5 14bc767f279792048ed22cd63efefbca
SHA1 ec083c4294edec9da7a8e6bcc2d30de3b213445e
SHA256 85e66cc9854b3fc728ab313e9a26169af166dd5090359c62c4124b28798a425d
SHA512 32fedf788e737ed9b301348198d5c5469133ed5d70842953d18d38ada5d4d899cb6ffa2044110ea1aa37af1e91930f0af44adc4bf5627a7d98eba899c74b3e93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

MD5 aa12ea792026e66caab5841d4d0b9bab
SHA1 47beeba1239050999e8c98ded40f02ce82a78d3f
SHA256 65fe153a832452e97f5d484440a7047e314d3a83cb61ad2508fed48a820e1de1
SHA512 0b2b1bb8851c60c9d4ab1d039b990a4de5799c97c50b45f64e36a21849c14e785f69196f674ac225b1419d7f501338054074cab6203d041361a4fa1ed8802b27

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

MD5 4ead63dcda1331716b5d0c1ca60541b0
SHA1 8f9163c21cb4296f343f96ca863133f022255543
SHA256 b47ee7cbaee45e9cce7f0d85a4a5011cbd7206b3537bd62e63163b00b353cb9c
SHA512 4be304bd66aa222d40f371ec317a6c66eec99ae07309047914219fbf93a37df9584c978d02cd28b2a3783d8b6bb51243b6727b61e6f89c518523558498d2c185

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 8116519b65af175365536dd468fb590d
SHA1 c75b2427080ce5dc70a14f28726fd0f26749748f
SHA256 4513fb27899af4b57fa0bd0b58f150d3d01e242cc743bcee1a75da6104e5ce37
SHA512 7e23948c09f8c032e20255ff3d2686ccfce1f8faa2de2a0679f33276270c6e9a741f52ce1f2236f471b7f272c69779a10c6b3b30e13361dceaee10d6b1dd23e9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

MD5 6c8d369d2ffedff48a3d8318acb1405a
SHA1 2b48a268cf848b935f488636dc1a6b2a1a7e9def
SHA256 d2bbbfe8aec5a067e0cd7de9ed8c429f2dd2010c0b6bcf49b8a6786e13453617
SHA512 43889a21a7cdd096d329314f4ca9b1efe27adf6006bbf870bcd9aa0e6e8df455962e8f4afd69893a70e15450cd6fd991d2e4e24878ae890f6b079ea3bc35200b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 4bdd116daf58074c4135118a6e5b2a9d
SHA1 05bf92ff508dfe96a4b3fcc276b33768b6bab8aa
SHA256 41878e7ffb48c96805cabac703da69fac0d35783c68b7278049bc1d5b7176ff3
SHA512 617160d87df69dea8c6cd174e72589b1b426a8fefe88d17c2b4394d56efde24ad070d7500ff47388dd9fae293c64d77a1688a70c432635b9f85347a4d87085c4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

MD5 ebfbcfd0157d4845fc28817c724e76a7
SHA1 666f78490b41546eaa9d2d3c52b5953879e7f52a
SHA256 952b18c157bf4d11b0623b3157d2e1e42b879281aed75a6fdf0d14e908569d0b
SHA512 e7e390d1fbf25407099cfa502dd2716dd93bc92df4cf6da2399ac8637f19d1d663874fd479d21f2a326b67564ecca2f63473d783e6d4b6f74caebb7739d66bf0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

MD5 a518d0b8f2004f6303cacf30c2b16f54
SHA1 2c658d53f4af24b64e1031bdc8a64bc27a01a1f3
SHA256 a6daba108a4622f7ad9265ce0de6058cba9d051be71a2b8704c275c5f42df6c1
SHA512 30616ce254cf851e91f2203d04c49fc97b2f47e5cfe3d0f18d5644848f34294d9a0b26aef71a51daf0dddccfd6ba9423788b0b7f1c643b298f91f7ef8bb501ce

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 4a0990269b4c4f4ef75971d7dbbab491
SHA1 81c88b1b4692c1bec785ef0e189d1f90db3ca0bd
SHA256 a149d55509184d3be20b23d1099b861bd9151f38d2ba2e190cc8923890d94dea
SHA512 8b555e3724e3306a744f8c76eb6e2fbf78de6fed2151e8f6f8104962163c01efa5731716241a65104543b05dba7a03992151be5f43a64fcfa33983ce19831dc8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons

MD5 5c79901dae138eceb868f824d91f600c
SHA1 f648f1186f208155cd3d2508490bda01ed1ebc33
SHA256 44182884dc32f0cf93f6ba291bef309c1dffac574b1f75c7587a197781525dd1
SHA512 70c52308f1dfe2a1a6d58f210e3ba3518c0d26fc3715d4a66a64a13a086b0d5d609d8885cd86dc847249e77f069c3b39348e9255c3694cec3beda974edb71e6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

MD5 be45951d47104d4a5c657c4f98dcb80d
SHA1 c945305d2d83ede1d4f41054add150c3a6c582ca
SHA256 e3a9182487f87a6297c02861a5304614857e32650246d332b9944132d74390fa
SHA512 43cc45f57462f914dfaf8d36f89d629fe3278aa3f5cf01255c05ca04c30eb6bc6f0e9747b4849f961b8a4f2eda359a371671ff3459991d57afb7648bed7186b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

MD5 69a50cc77356138e6877841f19ea15cb
SHA1 3ce98e3fbe5a2a5020eb309ebef515e6be2da3fb
SHA256 8d4fa2b482d43beea8393fa50698047191f4f93979f1389332af2c82830f091d
SHA512 86bae82ecacb360ebc2cd00dcb38d1ef78b54af7125b4eaaffe12a61366bd06b0af0ddd9a2c4ddeb8087ac6616dbafe41a8953cd20cdc731febea21761bd1306

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

MD5 b28e18f506fc0caff65698a4ad617fdd
SHA1 0ad5d8fec38818f73d93707a770deaf6e0cfed1f
SHA256 79c6eec336793431a2351a3a1133322d87dcc7691daa8811bc8266525c3af33d
SHA512 ea972b84bf88b9ba1d13c2baf8a95e3ce7674e86c07d67ed3fedc16af21395e8b2611c13633c342a991c23c865e2eda0be7071db2c86c8bb33d5a440fbee6497

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 67ece1031085b23d9da1480422150fdf
SHA1 ea2ad1bd43457a9c9bf4f9f6d19bca68821135dd
SHA256 cad681f0c8b3cddcb27fffbf695ec2434b15ddfba60df2020030274ee49135a5
SHA512 89710cc4fd310d927fc1e98f94820ff647032ede0cf8c7c71ce03519dada97f400ae9314c939faa46833254776dddcd617b983017a3a986bdacc2941dc3d8daf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 b7e93ca5989e305ce62e282720238c68
SHA1 919b2eb909cde642396381cc6fa9d3caa1c213e1
SHA256 66ae3714e0ecee0d11b24505ce4128568713d5efc250dbc5deb57472337d1c6d
SHA512 91085328914ca0409085c42921dfe4706c546e6c27782630e0afb7712ebfc4616a1e23e249aed7e82d2b81365e3ed9dec8038bef106d618ec4864838c7b1d385

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 0e21a8a871f0a7bfa201d96a245662a2
SHA1 d154460d14af640b8dbfb192bb0c173fdd5cf396
SHA256 8d7f61922511738fc1e1da016ae372125d1fcedd900e603ff4636f83174381c4
SHA512 fc238ed5163e5b0f2d254a57eb30744f871c87da003201ef794c7ae9118febb32559eb69df7f1b5dc17a40f959e68f7435ee4dcf842815e184f936f1f2d390d2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 009b9a2ee7afbf6dd0b9617fc8f8ecba
SHA1 c97ed0652e731fc412e3b7bdfca2994b7cc206a7
SHA256 de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915
SHA512 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 02a836c04d2468d6db051667227858a3
SHA1 ab0a6193cc015670b5c45a7261f09535182bf917
SHA256 b77645700978582deba72e6687dbabb82e8b6cacff8b3cd996e6e111dfdd62cb
SHA512 c22c3af20ef3996c89b0a2f447652b3f7c5386bd87c38037e782b71b3d7efe36502aee954d09349376a211751287f6596663332fe60a6fa388e31f150f6388d7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f7cb0fe6815fb51b4fcc717e5791acdc
SHA1 cf1ee37ffde33f6e116813001a2a866ec0eefffb
SHA256 2e49524d4e54d440677486e02e395e2beebff49630805958c263b8133128d3a4
SHA512 6014d6b34585ea35fdfc7e4e2da1389f56a367f222f6c448abbc75534d909c2444d9eeb2edaed4127f958bd02c094f97b740ca64042f786f2643899e2b08acf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 40eae2799fe6f32d072022dee316afb2
SHA1 60343bd50b314a57282450fcc213d97b41d6269c
SHA256 826df61eae10211b02890955114abe12d88ac6f1635d394705ec7b966a3cbdf1
SHA512 ce3bb01168cb91d013093c7d3da95b61d8eeec66d02c981db2dece4de6ea4f7ce5f26df7d69ba3a258d5d50514d69f3dae71cc6f526f9ea492d0d3de91990b0b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4025baab55e9cd3d2e20a5de82db7b62
SHA1 376e6d80db195076357661ad10ee22237e0731cd
SHA256 2a27d2fa77208e2667d9c053e89d806435e0703857637f518428fde94d351984
SHA512 e72cabe92a274ebded51bbc07b39f7fcd8260a728d08d3b6486498590cae6071c7dc1a65362d7cb790a91ad52d65fa24fdc0e676ff9f567d36465064297627c1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9297f4239ba62eb9183bc81f5104d1bc
SHA1 f7f973648aa2f8d0ac0e89fcdb127e24e7d28b37
SHA256 5b77c45fd3c055ff6ba48680aad15f3f5dbf46adf1cc7e29f6da05f2d36f30ff
SHA512 323611c62086e2e638756bf45c6a5f669be9bf0d0e6777bd4132796b048d05825a1959d9c6622f1bf7521a6dde37648e004dd2f01c41508d440e3c9cf524c763

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 e47c5f52f7a36d1d5536eee43baf473c
SHA1 83b5b2bad4252cb6b825bcffc53a92b225b35c12
SHA256 911e5f795666dee4d409a244801ea7caed5fa7442bb868a85db155f2bc98ace8
SHA512 8a41a722bef9e3fe8879b051d79ace9a7871ec5ca21ce3db860b5b55c9b99d6b62f9c001b4df361a20db9b6d287cdb9a6c4b713e872bb06e03512827b0a16263

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e044106583e26e8f8dab7bba83cd3ae0
SHA1 fe1c7dc1d7d69f32564893c988ced00c8e57386d
SHA256 94445b84ef4889e0d9e7c7694a9f83b4f916928904fe01ea7ea7fd0f7598398f
SHA512 6bc09d5e8e33557dd3a17f97f5879d861dcf67648d3a9b91874bf7e807ab07234491f18fe924e4e547c95d7c99b78affc58671b82e666fed5e8eca74958d669d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ac2e01b5a778c8a27604d5055d8e5e0b
SHA1 431082566180c6b9c5a3b061b883f3253356fd27
SHA256 6221d90a6941bb697537c9cf84eb2366e81d18a152d85bcad166c5f34fe0ca36
SHA512 f94481b9f0f9affdc3831d3f42ba679030192da4503be327e087f942911c8365fcd0fed8e742f5552dfdd1aa063a70c2f2f65089917413ee86f0ffbbfd9cf2aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 52f5210c50ece8bec7a7bc75fdac95d0
SHA1 094ecb254665accd92d9802296d7e2e2bb0d96a5
SHA256 f767e3d53a5a57e66b75558f000bc438f214395670e2dd9210d4533732daac83
SHA512 fba650f1f41d3cfdcc9459b3bfaeca46e49b18f08e89a8cac107a4aeafc5bd00d1d69b59bb1c985de30bdb92fb5fa6bdf8ed250abc16f5e25e9af10a929105eb

C:\Users\Admin\Downloads\ChromeSetup.exe

MD5 45efcf3723becfe0f96edb9c31ed75c3
SHA1 32a94aaed0cb1c0c1923ab5428c1b81eb5217cfb
SHA256 936fb1ac247274dc6b22f48d8531a43d8d5d571e80b6f4591c002e46a1412954
SHA512 3bd7bdc9d479a63fd741184b230575d90de4c2ffdd7355b4abc4cb424ade1b27822a696308f8c15fe4e688e78347235c0f4abb232c2358b43058272a10afdbde

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 7136b45ffcac6b52d6873f2864471ea9
SHA1 7afb956fccbfa48ec7fcac07cde0f6059a51a534
SHA256 78f60448736dd9d298a2bc503571a91a8f0c342e95ff8cc589d546e84e7384c2
SHA512 66755a95e16371a527df8b702ba8d686a08678aa0d3257ec4775c5fef8c81d422d7a6ce8aa1fa1c150ebe02f14a0df23776dabc42b6da5ed83b79be956fc2ac7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a3216c8abcd4c8c12ddbbb671bc15da3
SHA1 b9249167dfb68b6dd2d44b5affb98b3c2cd0c0c3
SHA256 4878949ee5d33bf7ee4d72434e94feb2a7fa20840fde096e16668c70f011e89e
SHA512 b8601901865c675d2cbb1de92c2726b271c9c9f6e21100f5e187c3a684a1e053d1dfe60df349b4acb2a569d1ddaa9489065d67bd45f3bff789bbd75870c63e09

C:\Program Files (x86)\Google\GoogleUpdater\127.0.6490.0\Crashpad\settings.dat

MD5 6bb05f90b585e080deafdaed7ee22cfb
SHA1 b7f6470da1e5cc7c17c013fc40553a5e955cee07
SHA256 7c9056df02b671e8bce7668d2ec0f591d93bbed6ca9ecae1b6bfd977c17455c7
SHA512 d1461512c8e6e44912c95301f2b3135935daf6e74bc67cbd4fd5fbc935322053870c778d52c49cfe33d679ab7052e2cc298ad9ba28d1b0caef87a6c88f4096a7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\574bd6cc-4ed6-4720-bf33-5c6669dea4d4.tmp

MD5 277fb3fc4e01fa3998237bf5fcd2209c
SHA1 1aa40c71110405baa2d5d0639ece51a6dd6e2a58
SHA256 23167015a41771da42fd700fb809a1487ad34c8816cf8ffb5269c53102e5408b
SHA512 0752f87705bc98bdf5e95c0d824b650fb8cc02061c4150899a99f64520c85db56ceb6dd256020ec7dc9ac2c79a15d1ddd3eb4df09ab594a229d490a6cc405aac

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f5de9b2c344e3e22f0852be3c7483468
SHA1 5e510f85c10e586b8aac8b98388bf60979611652
SHA256 4f1f11190011fe74a802b57e2a0375aa1ef9238a3eb2fbe32044aa426f60caaa
SHA512 f5b9702fc70e0375c253e2acb212e3dc61cefdb16ecb172b5829622390ba0465213053e41edd642bfe99634de7ddcc6f5094d81f2e9c7848dfa63e9deb2afc6f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\655f5c3f-9ade-4029-84b6-1cf4c17bac89.tmp

MD5 6f868c486312d7435e0b6c0b8e4781ad
SHA1 b10033b0394f256d23c02f5628efec02cce3bac0
SHA256 39c13277fd57a07464b4c1bc21d9fb69feb84513e41781fdaa18acdb62fea66b
SHA512 6bec068e2508540ebc2dc7a23a546fd546bdb5300d271f129d23437a7bcc446797e9ce49f746743830ccca1e5241da5e42e5abe8241c7ce6d4656c68f163b8ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c7df7724f75e0dadfe33fcd24cda093e
SHA1 b42a1b8c247763e31d832c10085bcc40cf617ff4
SHA256 5526d88530ff39cc6983fdbf525059ff381809227893c5647a15d80462de2f79
SHA512 afbcf998a6eb9767ad97fce3f4aa9ea41bb6948f78ce0da25022dfe17c8211cc8c10e5445a83d7a729b98a6a057bcfa31a68304daecf055f9375e162c3272a26

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 453fef88f788ee4182a31266eb80b02c
SHA1 fe6f74404cd81828a0267b0f172e1dd8cbe31a30
SHA256 50b2e74205472ece3c9d8c63e7cfed77f300b3a233bd7c5f84d0ee39cc461a98
SHA512 9877a62b7817d50735433316d2e01925f39018d0eccc70a6da58cbc156943d94396b127006add4fb19922caa2ea257e6fc15f6a2eaa5da107b9925028498562e

C:\Program Files\Google\Chrome\Application\125.0.6422.142\Installer\setup.exe

MD5 782b0870300882f2977bed8dd60130dc
SHA1 7d081e093c8b1ab6a35e0afdf7fa265dccd7bd3c
SHA256 997e3f4f45950f00532b7cb8b3d9f4a5305a4dfee3bbc426de7b5ebf82774be8
SHA512 149d4fab0e8d110e477f38995d792f401ea4c66894d33488d6249a7b83137b9f08341ed77a3e1f755be034448c0caa8018e6d19572085d0a648c0e538664440d

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 94940952c13b3a3de6494c3d52a2ec7f
SHA1 166942994b0c9d5004d7c878209461ab8d7bd589
SHA256 e97614e250241e8aa1f428f8fcecd57743e9bc8c06f60e726cd91a284793af30
SHA512 07acf3d960a901f98904a05251cb957c2002f311d4508ae731e392fe26ded5388873f9015cacaf9a1d2fd0b987c4b1df38a7f6611493ba0cd6f5e388a76b530f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1e04c76ddd408f4ed36127c31d0bac46
SHA1 89fab3c6495ae29de00c8a51a806c8702c301b26
SHA256 18ed4d25c944af620dc9c1cd98a932243993831313cd6ebcdc56d7ea45f846b1
SHA512 d78fd287d9819372984f4dbea05eb9fb517502041bcd6309e5d2e94207865820d0b61050e2d1c8712442cfe1497af1eafadc3ea4f141e2b4422280e304a058a0

C:\Program Files\Crashpad\settings.dat

MD5 f93c2a5eaa2013ad8d52d1337cb2b0c5
SHA1 4f61840e8d37f4932816cad0fb37c464a9f75cbc
SHA256 a154e031ee4c5e5ec65a2a9cc026547304252508c84f0360726f27595401a2f5
SHA512 7da370a01d22a789b0c0623e15f11d49afb9f44440a2bf7f0760b22b3ddb1bac0f7e4c46d8a49ea003b5c53d7aedf18561c0777fd65f02abf5176a9f9c9976ad

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 2e63ce1a148e768a11aa9b53e1b898aa
SHA1 cbbd7d9d67ab160cdb36134c6d3ceadabb70f818
SHA256 8c3ca2eb7bf40150a9cd75d83fd4e5a4c44283a580a0aa0e66c4e3c0f70987a0
SHA512 b4ed17f06aedf281e9648f3e7fc0d052788bd0f79a7787722b6a6bf3921e217eff1379c0dfe9eab21dfd3cdfec7d725a0e564f02d8b5dcfa938c1c629c885f4e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 150a30fbecb01592a81df2a98313a2af
SHA1 f04ab34f9b755684afa6483441e603b3a59bba16
SHA256 2aca602f66c41def412a3940566110f19cfe33936ddae585b43fc0b70d5646c6
SHA512 23ddbba23efb0ef98cb46e43b128c9bc7fafbe4b2a6a6e1e064547a8d9e227c41537d654585214397d33f16d5226e52c3b3103c0950c0bb3e414a9a6054769d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e5a8d3561589293d77441a2a205e1129
SHA1 6b2f3136b954e0ce551b9327abfdb7f45c9fafac
SHA256 032e8087a1eeb906e705b4fb226a81d236ee6fa6a9209beb6f9596e182434a08
SHA512 87392ad4f7a6c8200ac2d9d95e726f2d019026a9b767f86fb6848eb1624407683ca52dc078fe20c88a8e6a0a9114a2c844755fbe817c6a370b91f0b4ab337606

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Google Profile.ico

MD5 505a174e740b3c0e7065c45a78b5cf42
SHA1 38911944f14a8b5717245c8e6bd1d48e58c7df12
SHA256 024ae694ba44ccd2e0914c5e8ee140e6cc7d25b3428d6380102ba09254b0857d
SHA512 7891e12c5ec14b16979f94da0c27ac4629bae45e31d9d1f58be300c4b2bbaee6c77585e534be531367f16826ecbaf8ec70fc13a02beaf36473c448248e4eb911

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\trusted_vault.pb

MD5 3433ccf3e03fc35b634cd0627833b0ad
SHA1 789a43382e88905d6eb739ada3a8ba8c479ede02
SHA256 f7d5893372edaa08377cb270a99842a9c758b447b7b57c52a7b1158c0c202e6d
SHA512 21a29f0ef89fec310701dcad191ea4ab670edc0fc161496f7542f707b5b9ce619eb8b709a52073052b0f705d657e03a45be7560c80909e92ae7d5939ce688e9c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 738ab9f92f4c6267be5ce65fb668db4e
SHA1 854f7ffc6fe152975a07339a36fde7ba1d3d7a21
SHA256 e83e736c2c3ce86820a71448f71c7fbc876055bd18a8ec5652cd8d61eeb4b41c
SHA512 c0734f269572bf913c9227691d6d14d4d6c80cc53a3991d6dc0bec9e8e7fad639fcdf453a25c491de2103944fa1f8208e338d47ad613994a411206b4543d1f56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0ce2557acf23a5c4b14f3533ea7dea48
SHA1 6f25cf65075d95a12c03ec64546469c91cb19529
SHA256 15457deb516c7910b8207d02a1479b4f38a51fc682fa072750eaaba12853fec3
SHA512 c8e55e487cfffa51d59e2837976f2ec4f96305da3d108c8c9ebc3fc8d908a0af786b81920e98060aa3cdc92f62ccf178ff1f9573874f0b057aa658d97c85c51f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 5316fa0c20f9b3db80136df5cf5bf378
SHA1 d54a2b822e3b526dbb4ffd174c3a0e7830dc0bb5
SHA256 ab54add312ba918da097e3f04c91aa9e27d8615d2b9ae8834e7282502918e668
SHA512 451502fb4170ffdedacd94888250bb7bf89316d39356260398973c3ed98a7c795930fe483e397473ab725ece1c15e286f5bcf39e4297ab4387622e8733e12c0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 2612283197e4e1319ebdaa85d99f57a6
SHA1 27c7df5e94712215a490015ac67b17690554872a
SHA256 df557af825534c38a52a129d4747601607f28b15640e2ae6e305f6d510b0ae61
SHA512 32143ca4caa21d02c519b148044bdc37063cbf023c040b8c2f9564ab90d0eec28cb82d4cd908b371df991dec2b03675dadeb0a702884094dbf87dfe4ce1877b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0876fcd14fb6cf2827a39c992d0ccaf9
SHA1 1f9a3a1954e6f4fb964b3859a5f6b1c563e7edae
SHA256 9eb5ed5b1c5c9a33825604056be5de500834959c0a65282c6716ce08a7fac4e7
SHA512 752dc8c18c8e3e1132f9c2d3f1cfc62424f69162ae8bf030e53703e5a26f4212de739f2d8afd96607fdf7c1eaf6fee6c51d64ea2f3400d3d59ef24d0844ca194

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9669c92ae2656ea7526690380324e452
SHA1 0ba8065241c9950db77d995b80adc9c4fb66a651
SHA256 1f1b378b9c7a7dd4dc1c52f4b20ded230b7bb9c02e22e0a26f29616a9d397c8b
SHA512 d93739273a1a1f96b27c1c52b012c17013dc571114ab449aa6019244678edbaaac7957255070aa832248ddd9efbb9a45376261e34d769d27714096b8d951643e

C:\Program Files\chrome_Unpacker_BeginUnzipping5324_1667279637\manifest.json

MD5 4c30f6704085b87b66dce75a22809259
SHA1 8953ee0f49416c23caa82cdd0acdacc750d1d713
SHA256 0152e17e94788e5c3ff124f2906d1d95dc6f8b894cc27ec114b0e73bf6da54f9
SHA512 51e2101bcad1cb1820c98b93a0fb860e4c46172ca2f4e6627520eb066692b3957c0d979894e6e0190877b8ae3c97cb041782bf5d8d0bb0bf2814d8c9bb7c37f3

C:\Program Files\chrome_Unpacker_BeginUnzipping5324_1667279637\Filtering Rules

MD5 6274a7426421914c19502cbe0fe28ca0
SHA1 e4d1c702ca1b5497a3abcdd9495a5d0758f19ffc
SHA256 ae2fd01d2908591e0f39343a5b4a78baa8e7d6cac9d78ba79c502fe0a15ce3ee
SHA512 bf1287f502013308cdd906f6e42998c422ef1e272b348e66122dc4a4e471d01333b418f48d1bb2198c72845bdc950612597e179e612aaa1ba6cf8d48fb8f0cf5

C:\Program Files\chrome_Unpacker_BeginUnzipping5324_1125106605\manifest.json

MD5 30844450890033feb8081780a6b4f24a
SHA1 eee93e581418758a8b487befb62975aecdac28d3
SHA256 f1d384b36014b3d3012ec1a6f54a59c8c6183fb28d9b7625c0c89dd812fda576
SHA512 32c57589d6e2b29f38b01bac88dae7cf37e8be2e8e945692a818c93abd64949a60a0c1155e7052e7a6d753898990f07cccbf33e4d772ba08a223c7ce2493a477

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CommerceHeuristics\2023.3.30.1305\commerce_global_heuristics.json

MD5 536209da6de083160d042e5b67b8fd4e
SHA1 5a7469ec8be89f291f8e778aa5151f9e7e825338
SHA256 1f1358bd32de4cc06a90c0781c62a2476d1c90dd4812187a2acc4794c881f133
SHA512 abe8004cb81bb2816f61372acea16290fcf01703ca2a8c3512447a996a2560fb01ab23713e39a53c926d6bef40382338e1b398c8d5e189e56ffb2c5cccb4c9e5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CommerceHeuristics\2023.3.30.1305\commerce_hint_heuristics.json

MD5 032bfe220ae2cf2d9a7fa6de45eac2dc
SHA1 9f0f5b637f9344e5624f64dd226fa7ab3054d043
SHA256 47b416f0208bc1293e9c529e15ff00d1bfe5b817867b1de2cbdfca4755db105b
SHA512 33e5d41861207b8e372e459c366c105758bb08ff0dab4607715462d7975f7fe066caf94c58e3551778712c586b8d13013c576bb3dd74689860476044e1417cb2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\CommerceHeuristics\2023.3.30.1305\commerce_product_id_heuristics.json

MD5 24713efdf323c9d8e80df802373aed4f
SHA1 29aee155b1dbac2c43903b6fbca198d629608e97
SHA256 09bc2b1be8537d0f40428576a907c7d12d995a80db516ae9a7c6a19d95a7f3af
SHA512 c55a4bf833e816e2c641ad7e1ecd10e78a2bcfbbeff7246c31a80f12f0cb124cf10638b2381c70baabb9813e1678e9eb33c2f63092e674088c1e686bfc610fc4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 9007a69a2cc6b136cb9441ad2896e726
SHA1 dd2b634a07c1d6813e34719d0c6006b1a718399b
SHA256 41b6729eb6bbc508625b29100417c319213055c5931df2ef5a4754bf72786383
SHA512 9ac0ec547a44512a4fcdf5b975e39dc4e5f4d355dfc3a1991227502c34ab3e6ad626f7d38ab9d8fd100311a34bf79a12a62756ff262d2878da7ef1cd990f78fa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0cd9457b8a6f52d48864613eb05dde7
SHA1 b1acb810e5fa40c0f354e23d849ac2d5cd39e72c
SHA256 146c128421cf251f47c2d7e35e6de55ea419f35599b77727370bd06ec10e3739
SHA512 524456181d24487abebf464b90fce81e294124e677bf52496c8c4f0332d42b8e39a082ac307d908908b583f72fbdfdd02993928f1d5a1df2e81e76111d95ddb0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 0b5e239af3d0e9605face50d5b213ea4
SHA1 cbf6d6192f00e2073ea4b078d4b40d03198f5ff4
SHA256 f996f6f14d567cbdde6c1123c2bc6875fccea9c696ebface3cb11611153cc714
SHA512 a1b418f7a118f95a1e01282118d454ab91a599b7e1d2e6cd892027fbe375d6d511f4dc3c6831b37eb88bb0875be5a1fcf93e25338e086cca7410f452436af910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 995de43e25f159fe8222e3735a52b697
SHA1 52496508bfb443cac9868dcca6a08e30fc3dc431
SHA256 3303e4ea8eb28308c5767fcbd2c88e7faf8ef6bfd741e9a54c643dec81c0a83a
SHA512 d023f6608800c5e9ce24e83fd9ebeeaf73ee300e27ed2b020ee1f4b182a6aa74cf8b832227da2f0fd385b842e9848b80dcd8bc2e8b42d445539c80fd26572e27

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 ac785ccc4d0c183a5300df9f2b4af6c9
SHA1 47d42745fb67d22e148354071be0c27bde2f4d45
SHA256 cd64eaed1e3e3d5f07d144b43c3aab15b74685ede561b9063f9f5a584e364bea
SHA512 12d13388599e58cc5e138e731ddd67b1b42c433c27d9768572e54b862e4d7d9316998204494ca600e6ca86d97ecb81c360418ffcfc2707b72dccf2639a4fbbfa

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 75963a085aba734b2af5ec197e216b46
SHA1 8d8ed22843ac2ec41a4f1dd1573f515e3f2122cc
SHA256 0929becbc998fa3068324c723fe53cf71966820659e099dccf774d01e650c581
SHA512 d42b7b6e912b87f263913cdf88edba402504de517f4f5dc2a2fd7116d113702201971df8824919fd4bfa4392494e4ab6267e3a2419d0aaa9f4817f52cc85304d

C:\Program Files (x86)\Google\GoogleUpdater\prefs.json

MD5 40db7994ceb24e107f4cafd70d7076ac
SHA1 fc21c3bfedb420eb6216fe66b85f49c2186b74a9
SHA256 ea184e5b047e0d2debf4aa7ba0664b5fc6aef9f673c4f32279129a6116c93ec5
SHA512 fb88f293cd95b00c09b53aa2ca5771cc814ba4f45b0d60a3ad7c562bdc3204ac77e27424ed9c06b98551f1702f10c77e6b61bec4645bfd1be3bac138b6ce485d