Malware Analysis Report

2024-11-30 13:31

Sample ID 240604-tgwlmscc6x
Target https://github.com/garrydevpro/versatools/releases/download/exe/Versatools.exe
Tags: pyinstaller
Score: 8/10

Analysis Overview

Score: 8/10

Threat Level: Likely malicious

The file https://github.com/garrydevpro/versatools/releases/download/exe/Versatools.exe was found to be: Likely malicious.

Malicious Activity Summary

pyinstaller

Downloads MZ/PE file

Executes dropped EXE

Loads dropped DLL

Legitimate hosting services abused for malware hosting/C2

Detects Pyinstaller

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

NTFS ADS

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: GetForegroundWindowSpam

Enumerates system info in registry

Modifies registry class

Suspicious behavior: EnumeratesProcesses

Suspicious use of SetWindowsHookEx

Modifies data under HKEY_USERS

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported: 2024-06-04 16:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted: 2024-06-04 16:02
Reported: 2024-06-04 16:14
Platform: win10v2004-20240508-en
Max time kernel: 735s
Max time network: 733s

Command Line

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/garrydevpro/versatools/releases/download/exe/Versatools.exe

Signatures

Downloads MZ/PE file

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\Versatools.exe N/A
N/A N/A C:\Users\Admin\Downloads\versatools-main\versatools-main\Versatools.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Detects Pyinstaller

pyinstaller
Description Indicator Process Target
N/A N/A N/A N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133619906998559630" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\὞⢼⼀谀耋 C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file\shell\edit C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file\shell\edit\command C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file C:\Windows\system32\OpenWith.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\.py\ = "py_auto_file" C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file\shell\open\command C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\.py C:\Windows\system32\OpenWith.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file\shell\open\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" C:\Windows\system32\OpenWith.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file\shell\edit\command\ = "%SystemRoot%\\system32\\NOTEPAD.EXE %1" C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file\shell\open C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\὞⢼⼀谀耋\ = "py_auto_file" C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000_Classes\py_auto_file\shell C:\Windows\system32\OpenWith.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Unconfirmed 228208.crdownload:SmartScreen C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\Downloads\Versatools.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2328 wrote to memory of 372 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4824 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 2012 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
PID 2328 wrote to memory of 4920 N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Processes

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://github.com/garrydevpro/versatools/releases/download/exe/Versatools.exe

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffa05d646f8,0x7ffa05d64708,0x7ffa05d64718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2112 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2880 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3376 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5432 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --service-sandbox-type=collections --mojo-platform-channel-handle=5076 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5024 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5772 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5756 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6268 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --field-trial-handle=2108,4618370274106298014,5544650113981574205,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5788 /prefetch:8

C:\Users\Admin\Downloads\Versatools.exe

"C:\Users\Admin\Downloads\Versatools.exe"

C:\Users\Admin\Downloads\Versatools.exe

"C:\Users\Admin\Downloads\Versatools.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe shell32.dll,SHCreateLocalServerRunDll {c82192ee-6cb5-4bc0-9ef0-fb818773790a} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff9f641ab58,0x7ff9f641ab68,0x7ff9f641ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1644 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2172 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2240 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3120 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4320 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4004 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4620 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff6d97cae48,0x7ff6d97cae58,0x7ff6d97cae68

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4888 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4928 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4660 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4844 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5040 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3352 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4540 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=2788 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3412 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5324 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=3372 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4976 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4356 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5536 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5496 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=5564 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=2392 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=3456 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5696 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5336 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1604 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3132 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3372 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4860 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\versatools-main\versatools-main\run.bat" "

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\versatools-main\versatools-main\run.bat" "

C:\Windows\System32\NOTEPAD.EXE

"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Downloads\versatools-main\versatools-main\run.bat

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\versatools-main\versatools-main\.vscode\launch.json

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\versatools-main\versatools-main\src\tools\DiscordNitroGen.py

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\versatools-main\versatools-main\src\data\config.py

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1836 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5560 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3308 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=1076 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5816 --field-trial-handle=1904,i,17905056909363737831,4994173772113140482,131072 /prefetch:8

C:\Users\Admin\Downloads\versatools-main\versatools-main\Versatools.exe

"C:\Users\Admin\Downloads\versatools-main\versatools-main\Versatools.exe"

C:\Users\Admin\Downloads\versatools-main\versatools-main\Versatools.exe

"C:\Users\Admin\Downloads\versatools-main\versatools-main\Versatools.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c "ver"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c cls

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\versatools-main\versatools-main\src\tools\CookieGenerator.py

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\versatools-main\versatools-main\src\Proxy.py

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\versatools-main\versatools-main\src\discordRpc.py

Network


Files

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

\??\pipe\LOCAL\crashpad_2328_PKSNSYLJPNUYACGH

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\Downloads\Unconfirmed 228208.crdownload

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Temp\_MEI58442\ucrtbase.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\python311.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\VCRUNTIME140.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\base_library.zip

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_ctypes.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\python3.DLL

C:\Users\Admin\AppData\Local\Temp\_MEI58442\libffi-8.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_lzma.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_bz2.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\pyexpat.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_socket.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\select.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_queue.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\pywin32_system32\pywintypes311.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\pywin32_system32\pythoncom311.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\win32\win32api.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\VCRUNTIME140_1.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\tls_client\dependencies\tls-client-64.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\libcrypto-1_1.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_hashlib.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_uuid.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\libssl-1_1.dll

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_ssl.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\unicodedata.pyd

C:\Users\Admin\AppData\Local\Temp\_MEI58442\_decimal.pyd

C:\Users\Admin\AppData\Local\Temp\files\config.json

memory/5460-285-0x00007FF9F1830000-0x00007FF9F27BC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

memory/5460-349-0x00007FF9F1830000-0x00007FF9F27BC000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe59d910.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5a4ac6.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe5a8a5f.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\bb32354d-39a3-4c6c-859a-06e6822c04ee.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.reddit.com_0.indexeddb.leveldb\MANIFEST-000001

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ea318497b2c8da22_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\Downloads\versatools-main.zip.crdownload

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0a92d7d0f462109d_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ec809b6e6f1ea91d_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\18355b1add41d57c_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000035

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c93622985013877f_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\07a0c4a3e1abceea_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\230626c44da2ff73_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\be50df2c5420f5a4_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\031e6654100ed80c_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\81037e226035aa29_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cc9bdff952f292fe_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d7b7cf01a7bf34ee_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3c1b71d6c92f4ff2_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\50e7ca177d06e22b_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\890341016b4cb769_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8b0e541cef36724d_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b5c0b0d2ff0cad95_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8d36f7b1d35012b0_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\8866f8e5-458b-4d0c-84da-e2a89e65cfb1.tmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

memory/5044-2299-0x00007FF9EAB20000-0x00007FF9EBAAC000-memory.dmp

memory/5044-2302-0x00007FF9EAB20000-0x00007FF9EBAAC000-memory.dmp