Resubmissions

09-06-2024 06:53

240609-hntvvafb5y 4

09-06-2024 06:49

240609-hljbbsfh63 8

Analysis

  • max time kernel
    143s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240508-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09-06-2024 06:49

General

  • Target

    sample.html

  • Size

    838KB

  • MD5

    738e355481dead5711c1bdb4ec771639

  • SHA1

    8ca48316dd082be155994c8e3b143135e702b8a6

  • SHA256

    7e1c175a3e4709a8bfb2ca99f32e266c237a1b7970898d3dd920cb5a561dc180

  • SHA512

    bf65ac9624596d4c19eb107daa23430fdff2cc939ea1bcc1f25d40484210cfe3f14ab66fcd32b93939bbb8e323e946d0cce170c7c30dbb2cfc2462dfa173d637

  • SSDEEP

    6144:YhLZaq4DPFgKsfS8raaRsSbRitbTeqeem7SD0LY1m7ow:FLawZTeqeemHLY1mT

Malware Config

Signatures

  • Downloads MZ/PE file
  • Sets file execution options in registry 2 TTPs 2 IoCs
  • Checks computer location settings 2 TTPs 4 IoCs

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE 15 IoCs
  • Loads dropped DLL 64 IoCs
  • Reads user/profile data of web browsers 2 TTPs

    Infostealers often target stored browser data, which can include saved credentials etc.

  • Registers COM server for autorun 1 TTPs 20 IoCs
  • Adds Run key to start application 2 TTPs 2 IoCs
  • Checks for any installed AV software in registry 1 TTPs 4 IoCs
  • Checks installed software on the system 1 TTPs

    Looks up Uninstall key entries in the registry to enumerate software on the system.

  • Looks up external IP address via web service 4 IoCs

    Uses a legitimate IP lookup service to find the infected system's external IP.

  • Writes to the Master Boot Record (MBR) 1 TTPs 2 IoCs

    Bootkits write to the MBR to gain persistence at a level below the operating system.

  • Drops file in Program Files directory 64 IoCs
  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Checks SCSI registry key(s) 3 TTPs 2 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Enumerates system info in registry 2 TTPs 6 IoCs
  • Modifies Internet Explorer settings 1 TTPs 8 IoCs
  • Modifies data under HKEY_USERS 2 IoCs
  • Modifies registry class 64 IoCs
  • Modifies system certificate store 2 TTPs 6 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 64 IoCs
  • Suspicious use of AdjustPrivilegeToken 64 IoCs
  • Suspicious use of FindShellTrayWindow 64 IoCs
  • Suspicious use of SendNotifyMessage 49 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 64 IoCs

Processes

  • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
    "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\AppData\Local\Temp\sample.html
    1⤵
    • Enumerates system info in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SendNotifyMessage
    • Suspicious use of WriteProcessMemory
    PID:4816
    • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
      "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0xfc,0x100,0x104,0x40,0x108,0x7ffbf8c646f8,0x7ffbf8c64708,0x7ffbf8c64718
      2⤵
        PID:3644
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2072 /prefetch:2
        2⤵
          PID:3916
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2120 /prefetch:3
          2⤵
          • Suspicious behavior: EnumeratesProcesses
          PID:4744
        • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
          "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8
          2⤵
            PID:4140
          • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
            "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3248 /prefetch:1
            2⤵
              PID:4948
            • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
              "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2056,13145568603763291862,12728306280498943233,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3276 /prefetch:1
              2⤵
                PID:2840
            • C:\Windows\System32\CompPkgSrv.exe
              C:\Windows\System32\CompPkgSrv.exe -Embedding
              1⤵
                PID:4592
              • C:\Windows\System32\CompPkgSrv.exe
                C:\Windows\System32\CompPkgSrv.exe -Embedding
                1⤵
                  PID:1824
                • C:\Program Files\Google\Chrome\Application\chrome.exe
                  "C:\Program Files\Google\Chrome\Application\chrome.exe"
                  1⤵
                  • Enumerates system info in registry
                  • Modifies data under HKEY_USERS
                  • Suspicious behavior: EnumeratesProcesses
                  • Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
                  • Suspicious use of AdjustPrivilegeToken
                  • Suspicious use of FindShellTrayWindow
                  • Suspicious use of SendNotifyMessage
                  PID:1356
                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbf822ab58,0x7ffbf822ab68,0x7ffbf822ab78
                    2⤵
                      PID:2600
                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:2
                      2⤵
                        PID:1560
                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1956 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                        2⤵
                          PID:4708
                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2220 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                          2⤵
                            PID:1832
                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2980 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                            2⤵
                              PID:1976
                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2988 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                              2⤵
                                PID:4212
                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4364 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                2⤵
                                  PID:3628
                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4476 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                  2⤵
                                    PID:4868
                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4220 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                    2⤵
                                      PID:1700
                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                      2⤵
                                        PID:2312
                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4872 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                        2⤵
                                          PID:3216
                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4880 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                          2⤵
                                            PID:2172
                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5068 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                            2⤵
                                              PID:2580
                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4976 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                              2⤵
                                                PID:2956
                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4100 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                2⤵
                                                  PID:4844
                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4188 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                  2⤵
                                                    PID:588
                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3080 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                    2⤵
                                                      PID:436
                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5140 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                      2⤵
                                                        PID:5032
                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4280 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                        2⤵
                                                          PID:4444
                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4108 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                          2⤵
                                                            PID:1340
                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                            2⤵
                                                              PID:2280
                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5620 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                              2⤵
                                                                PID:3504
                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4616 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                2⤵
                                                                  PID:3980
                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4472 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                  2⤵
                                                                    PID:5136
                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5516 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                    2⤵
                                                                      PID:5800
                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6124 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                      2⤵
                                                                        PID:5820
                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6152 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                        2⤵
                                                                          PID:5828
                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6284 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                          2⤵
                                                                            PID:5996
                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6164 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                            2⤵
                                                                              PID:6080
                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6120 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                              2⤵
                                                                                PID:6088
                                                                              • C:\Users\Admin\Downloads\Setup.exe
                                                                                "C:\Users\Admin\Downloads\Setup.exe"
                                                                                2⤵
                                                                                • Executes dropped EXE
                                                                                PID:1320
                                                                                • C:\Users\Admin\AppData\Local\Temp\7zS82518897\WebCompanion-Installer.exe
                                                                                  .\WebCompanion-Installer.exe --savename=Setup.exe --partner=IN240401 --nonadmin --direct --tych --campaign=18142067438 --version=12.901.4.1003
                                                                                  3⤵
                                                                                  • Checks computer location settings
                                                                                  • Executes dropped EXE
                                                                                  • Loads dropped DLL
                                                                                  • Suspicious behavior: EnumeratesProcesses
                                                                                  • Suspicious use of AdjustPrivilegeToken
                                                                                  PID:5436
                                                                                  • C:\Windows\SysWOW64\cmd.exe
                                                                                    "C:\Windows\System32\cmd.exe" /C netsh http add urlacl url=http://+:9007/ user=Everyone
                                                                                    4⤵
                                                                                      PID:2724
                                                                                      • C:\Windows\SysWOW64\netsh.exe
                                                                                        netsh http add urlacl url=http://+:9007/ user=Everyone
                                                                                        5⤵
                                                                                          PID:5404
                                                                                      • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                                                        "C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --install --geo=
                                                                                        4⤵
                                                                                        • Executes dropped EXE
                                                                                        • Loads dropped DLL
                                                                                        • Adds Run key to start application
                                                                                        • Modifies system certificate store
                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                        PID:3052
                                                                                      • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe
                                                                                        "C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe" --afterinstall
                                                                                        4⤵
                                                                                        • Executes dropped EXE
                                                                                        • Loads dropped DLL
                                                                                        • Adds Run key to start application
                                                                                        • Checks processor information in registry
                                                                                        • Modifies system certificate store
                                                                                        • Suspicious behavior: EnumeratesProcesses
                                                                                        • Suspicious use of FindShellTrayWindow
                                                                                        • Suspicious use of SendNotifyMessage
                                                                                        PID:4488
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" https://webcompanion.com/en/install.php?partner=IN240401&campaign=18142067438&
                                                                                        4⤵
                                                                                          PID:3680
                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffbf822ab58,0x7ffbf822ab68,0x7ffbf822ab78
                                                                                            5⤵
                                                                                              PID:892
                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=2352 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                        2⤵
                                                                                          PID:6116
                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=2340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                          2⤵
                                                                                            PID:5260
                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6296 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                            2⤵
                                                                                              PID:6124
                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6616 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                              2⤵
                                                                                                PID:5356
                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=6676 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                2⤵
                                                                                                  PID:5812
                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5136 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                                  2⤵
                                                                                                    PID:6108
                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=848 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                    2⤵
                                                                                                      PID:2396
                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=6700 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                      2⤵
                                                                                                        PID:4268
                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=6528 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                        2⤵
                                                                                                          PID:4080
                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=3164 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                          2⤵
                                                                                                            PID:1012
                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5580 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                                            2⤵
                                                                                                              PID:5996
                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=3056 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                              2⤵
                                                                                                                PID:5460
                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=4916 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                2⤵
                                                                                                                  PID:4388
                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=5728 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                  2⤵
                                                                                                                    PID:5128
                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=5200 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                    2⤵
                                                                                                                      PID:5368
                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=46 --mojo-platform-channel-handle=5416 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                      2⤵
                                                                                                                        PID:5340
                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=5168 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                        2⤵
                                                                                                                          PID:5276
                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=4436 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                          2⤵
                                                                                                                            PID:5308
                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=4440 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                            2⤵
                                                                                                                              PID:3772
                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=4388 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                              2⤵
                                                                                                                                PID:4976
                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=6652 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                2⤵
                                                                                                                                  PID:3744
                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=52 --mojo-platform-channel-handle=7152 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                  2⤵
                                                                                                                                    PID:5272
                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7196 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                    2⤵
                                                                                                                                      PID:3576
                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=7204 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                      2⤵
                                                                                                                                        PID:3556
                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7332 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                        2⤵
                                                                                                                                          PID:4556
                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=56 --mojo-platform-channel-handle=7496 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                          2⤵
                                                                                                                                            PID:5456
                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=57 --mojo-platform-channel-handle=8052 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                            2⤵
                                                                                                                                              PID:5648
                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=58 --mojo-platform-channel-handle=7592 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                              2⤵
                                                                                                                                                PID:3156
                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=59 --mojo-platform-channel-handle=7020 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                2⤵
                                                                                                                                                  PID:2584
                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8188 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                                                                                  2⤵
                                                                                                                                                    PID:2616
                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8504 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                                                                                    2⤵
                                                                                                                                                      PID:2924
                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=62 --mojo-platform-channel-handle=8660 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                      2⤵
                                                                                                                                                        PID:6468
                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9136 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                                                                                        2⤵
                                                                                                                                                          PID:6496
                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8640 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                                                                                          2⤵
                                                                                                                                                            PID:6572
                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=8744 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:8
                                                                                                                                                            2⤵
                                                                                                                                                              PID:6580
                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=66 --mojo-platform-channel-handle=8164 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                              2⤵
                                                                                                                                                                PID:6660
                                                                                                                                                              • C:\Users\Admin\Downloads\avg_secure_browser_setup.exe
                                                                                                                                                                "C:\Users\Admin\Downloads\avg_secure_browser_setup.exe"
                                                                                                                                                                2⤵
                                                                                                                                                                • Checks computer location settings
                                                                                                                                                                • Executes dropped EXE
                                                                                                                                                                • Checks for any installed AV software in registry
                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                • Suspicious use of SetWindowsHookEx
                                                                                                                                                                PID:6884
                                                                                                                                                                • C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe
                                                                                                                                                                  "C:\Users\Admin\AppData\Local\Temp\aj3B5C.exe" /relaunch=8 /was_elevated=1 /tagdata
                                                                                                                                                                  3⤵
                                                                                                                                                                  • Checks computer location settings
                                                                                                                                                                  • Executes dropped EXE
                                                                                                                                                                  • Checks for any installed AV software in registry
                                                                                                                                                                  • Writes to the Master Boot Record (MBR)
                                                                                                                                                                  • Checks SCSI registry key(s)
                                                                                                                                                                  • Suspicious use of SetWindowsHookEx
                                                                                                                                                                  PID:6856
                                                                                                                                                                  • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe
                                                                                                                                                                    AVGBrowserUpdateSetup.exe /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome"
                                                                                                                                                                    4⤵
                                                                                                                                                                    • Executes dropped EXE
                                                                                                                                                                    • Drops file in Program Files directory
                                                                                                                                                                    PID:9008
                                                                                                                                                                    • C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe
                                                                                                                                                                      "C:\Program Files (x86)\GUM6538.tmp\AVGBrowserUpdate.exe" /silent /install "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome"
                                                                                                                                                                      5⤵
                                                                                                                                                                      • Sets file execution options in registry
                                                                                                                                                                      • Checks computer location settings
                                                                                                                                                                      • Executes dropped EXE
                                                                                                                                                                      • Writes to the Master Boot Record (MBR)
                                                                                                                                                                      • Drops file in Program Files directory
                                                                                                                                                                      • Modifies Internet Explorer settings
                                                                                                                                                                      PID:4908
                                                                                                                                                                      • C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
                                                                                                                                                                        "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regsvc
                                                                                                                                                                        6⤵
                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                        • Modifies registry class
                                                                                                                                                                        PID:7156
                                                                                                                                                                      • C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
                                                                                                                                                                        "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /regserver
                                                                                                                                                                        6⤵
                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                        • Modifies registry class
                                                                                                                                                                        PID:4632
                                                                                                                                                                        • C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
                                                                                                                                                                          "C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
                                                                                                                                                                          7⤵
                                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                                          • Registers COM server for autorun
                                                                                                                                                                          • Modifies registry class
                                                                                                                                                                          PID:8796
                                                                                                                                                                        • C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
                                                                                                                                                                          "C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
                                                                                                                                                                          7⤵
                                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                                          • Registers COM server for autorun
                                                                                                                                                                          • Modifies registry class
                                                                                                                                                                          PID:3060
                                                                                                                                                                        • C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe
                                                                                                                                                                          "C:\Program Files (x86)\AVG\Browser\Update\1.8.1693.6\AVGBrowserUpdateComRegisterShell64.exe"
                                                                                                                                                                          7⤵
                                                                                                                                                                          • Executes dropped EXE
                                                                                                                                                                          • Registers COM server for autorun
                                                                                                                                                                          • Modifies registry class
                                                                                                                                                                          PID:1504
                                                                                                                                                                      • C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
                                                                                                                                                                        "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgb21haGFpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHVwZGF0ZXJ2ZXJzaW9uPSIxLjguMTY5My42IiBzaGVsbF92ZXJzaW9uPSIxLjguMTY5My42IiBpc21hY2hpbmU9IjEiIGlzX29tYWhhNjRiaXQ9IjAiIGlzX29zNjRiaXQ9IjEiIHNlc3Npb25pZD0ie0M3NkU1MjNELTVERkUtNDg4MS05M0IzLUExN0ZFREMzMjRCMn0iIGNlcnRfZXhwX2RhdGU9IjIwMjUwOTE3IiB1c2VyaWQ9Ins1MDVFNTU3RS00M0ZCLTRBMDQtQkZGRS0yMTAwOTRDRTMxREJ9IiB1c2VyaWRfZGF0ZT0iMjAyNDA2MDkiIG1hY2hpbmVpZD0iezAwMDA5QkIwLTk4NjYtMzU5Mi1BM0E2LTA4NkJDQzI5MDlFN30iIG1hY2hpbmVpZF9kYXRlPSIyMDI0MDYwOSIgaW5zdGFsbHNvdXJjZT0ib3RoZXJpbnN0YWxsY21kIiB0ZXN0c291cmNlPSJhdXRvIiByZXF1ZXN0aWQ9IntGN0U4NEFBNi1FOEIyLTRFRTMtOEY3RC0wMjA4QzNBODM1NjN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezFDODlFRjJGLUE4OEUtNERFMC05N0ZFLUNCNDBDOEU0RkVFQX0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEuOC4xNjkzLjYiIGxhbmc9ImVuLVVTIiBicmFuZD0iOTIyOCIgY2xpZW50PSIiPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiIGluc3RhbGxfdGltZV9tcz0iNjIzIi8-PC9hcHA-PC9yZXF1ZXN0Pg
                                                                                                                                                                        6⤵
                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                        PID:4016
                                                                                                                                                                      • C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
                                                                                                                                                                        "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /handoff "bundlename=AVG Secure Browser&appguid={48F69C39-1356-4A7B-A899-70E3539D4982}&appname=AVG Secure Browser&needsadmin=true&lang=en-US&brand=9228&installargs=--no-create-user-shortcuts --make-chrome-default --force-default-win10 --import-cookies --auto-launch-chrome" /installsource otherinstallcmd /sessionid "{C76E523D-5DFE-4881-93B3-A17FEDC324B2}" /silent
                                                                                                                                                                        6⤵
                                                                                                                                                                        • Executes dropped EXE
                                                                                                                                                                        PID:2116
                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=67 --mojo-platform-channel-handle=5500 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                2⤵
                                                                                                                                                                  PID:6944
                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=68 --mojo-platform-channel-handle=7280 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                  2⤵
                                                                                                                                                                    PID:6972
                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=69 --mojo-platform-channel-handle=7232 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                    2⤵
                                                                                                                                                                      PID:6980
                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=70 --mojo-platform-channel-handle=7320 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                      2⤵
                                                                                                                                                                        PID:7060
                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=71 --mojo-platform-channel-handle=9176 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                        2⤵
                                                                                                                                                                          PID:7140
                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=72 --mojo-platform-channel-handle=8920 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                          2⤵
                                                                                                                                                                            PID:6316
                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=73 --mojo-platform-channel-handle=9340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                            2⤵
                                                                                                                                                                              PID:6452
                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=74 --mojo-platform-channel-handle=9300 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                              2⤵
                                                                                                                                                                                PID:5380
                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=9640 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:2
                                                                                                                                                                                2⤵
                                                                                                                                                                                • Suspicious behavior: EnumeratesProcesses
                                                                                                                                                                                PID:2888
                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=76 --mojo-platform-channel-handle=9636 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                2⤵
                                                                                                                                                                                  PID:6544
                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=77 --mojo-platform-channel-handle=9828 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                  2⤵
                                                                                                                                                                                    PID:6640
                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=78 --mojo-platform-channel-handle=9780 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                    2⤵
                                                                                                                                                                                      PID:5464
                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=79 --mojo-platform-channel-handle=5628 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                      2⤵
                                                                                                                                                                                        PID:6928
                                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=80 --mojo-platform-channel-handle=7972 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                        2⤵
                                                                                                                                                                                          PID:3860
                                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=81 --mojo-platform-channel-handle=2328 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                          2⤵
                                                                                                                                                                                            PID:6464
                                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=82 --mojo-platform-channel-handle=5400 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                            2⤵
                                                                                                                                                                                              PID:6456
                                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=83 --mojo-platform-channel-handle=8064 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                              2⤵
                                                                                                                                                                                                PID:6436
                                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=84 --mojo-platform-channel-handle=8872 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                2⤵
                                                                                                                                                                                                  PID:4392
                                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=85 --mojo-platform-channel-handle=10604 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                    PID:5688
                                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=86 --mojo-platform-channel-handle=4580 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                      PID:6468
                                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=87 --mojo-platform-channel-handle=10488 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                        PID:6348
                                                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=88 --mojo-platform-channel-handle=10312 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                          PID:6472
                                                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=89 --mojo-platform-channel-handle=5096 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                            PID:5180
                                                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=90 --mojo-platform-channel-handle=8136 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                              PID:6744
                                                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=91 --mojo-platform-channel-handle=9148 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                PID:5516
                                                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=92 --mojo-platform-channel-handle=10700 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                  PID:6640
                                                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=93 --mojo-platform-channel-handle=8684 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                    PID:7288
                                                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=94 --mojo-platform-channel-handle=10244 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                      PID:7296
                                                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=95 --mojo-platform-channel-handle=11020 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                        PID:7444
                                                                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=96 --mojo-platform-channel-handle=10964 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                          PID:7452
                                                                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=97 --mojo-platform-channel-handle=11208 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                            PID:7600
                                                                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=98 --mojo-platform-channel-handle=10516 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                              PID:7608
                                                                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=99 --mojo-platform-channel-handle=9504 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                PID:7688
                                                                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=100 --mojo-platform-channel-handle=9476 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                  PID:7840
                                                                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=101 --mojo-platform-channel-handle=8504 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                    PID:7916
                                                                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=102 --mojo-platform-channel-handle=9588 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                      PID:7924
                                                                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=103 --mojo-platform-channel-handle=4156 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                        PID:3340
                                                                                                                                                                                                                                      • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                        "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=104 --mojo-platform-channel-handle=5892 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                        2⤵
                                                                                                                                                                                                                                          PID:6824
                                                                                                                                                                                                                                        • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                          "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=105 --mojo-platform-channel-handle=5188 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                          2⤵
                                                                                                                                                                                                                                            PID:7192
                                                                                                                                                                                                                                          • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                            "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=106 --mojo-platform-channel-handle=5340 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                            2⤵
                                                                                                                                                                                                                                              PID:7200
                                                                                                                                                                                                                                            • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                              "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=107 --mojo-platform-channel-handle=7184 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                              2⤵
                                                                                                                                                                                                                                                PID:6580
                                                                                                                                                                                                                                              • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=108 --mojo-platform-channel-handle=8480 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                                2⤵
                                                                                                                                                                                                                                                  PID:8216
                                                                                                                                                                                                                                                • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=109 --mojo-platform-channel-handle=12072 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                                  2⤵
                                                                                                                                                                                                                                                    PID:8232
                                                                                                                                                                                                                                                  • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                    "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=110 --mojo-platform-channel-handle=12092 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                                    2⤵
                                                                                                                                                                                                                                                      PID:8240
                                                                                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\chrome.exe
                                                                                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=111 --mojo-platform-channel-handle=12108 --field-trial-handle=1976,i,1783535282999659586,1230346392874014524,131072 /prefetch:1
                                                                                                                                                                                                                                                      2⤵
                                                                                                                                                                                                                                                        PID:8248
                                                                                                                                                                                                                                                    • C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
                                                                                                                                                                                                                                                      "C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
                                                                                                                                                                                                                                                      1⤵
                                                                                                                                                                                                                                                        PID:3576
                                                                                                                                                                                                                                                      • C:\Windows\system32\wbem\WmiApSrv.exe
                                                                                                                                                                                                                                                        C:\Windows\system32\wbem\WmiApSrv.exe
                                                                                                                                                                                                                                                        1⤵
                                                                                                                                                                                                                                                          PID:3540
                                                                                                                                                                                                                                                        • C:\Windows\system32\AUDIODG.EXE
                                                                                                                                                                                                                                                          C:\Windows\system32\AUDIODG.EXE 0x330 0x3d8
                                                                                                                                                                                                                                                          1⤵
                                                                                                                                                                                                                                                            PID:1992
                                                                                                                                                                                                                                                          • C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe
                                                                                                                                                                                                                                                            "C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe" /svc
                                                                                                                                                                                                                                                            1⤵
                                                                                                                                                                                                                                                              PID:2924

                                                                                                                                                                                                                                                            Network

                                                                                                                                                                                                                                                            MITRE ATT&CK Enterprise v15

                                                                                                                                                                                                                                                            Replay Monitor

                                                                                                                                                                                                                                                            Loading Replay Monitor...

                                                                                                                                                                                                                                                            Downloads

                                                                                                                                                                                                                                                            • C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              204KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              cbcdf56c8a2788ed761ad3178e2d6e9c

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              bdee21667760bc0df3046d6073a05d779fdc82cb

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              e9265a40e5ee5302e8e225ea39a67d452eaac20370f8b2828340ba079abbbfd3

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              5f68e7dffdd3424e0eb2e5cd3d05f8b6ba497aab9408702505341b2c89f265ebb4f9177611d51b9a56629a564431421f3ecb8b25eb08fb2c54dfeddecb9e9f2e

                                                                                                                                                                                                                                                            • C:\Program Files (x86)\GUM6538.tmp\@PaxHeader

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              28B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              244414574ddbd89afa0fb8c7b7dc6d6e

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              2df961a51c13886a9cb53868d5ac1ec3c6b767b0

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              bd35f097a801a3c234cb868fec228d169bb25f6c5dcaff5efb2f9d81a4d523f5

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              1a8014954385bead00003b8c2b08bb90643b62ca60fe4a091bcd6a16086c084b040e800f311f167941bec34bceb39572add7cf533e386f910d1f40e3f21b1d99

                                                                                                                                                                                                                                                            • C:\Program Files (x86)\GUM6538.tmp\@PaxHeader

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              27B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              fc8ee03b2a65f381e4245432d5fef60e

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              d2b7d9be66c75ccf24fcb45a6d0dacedd8b6dd6f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              751a04263c2ebb889fdcd11045d6f3602690318ebaaa54f66e1332d76dde9ef4

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              0837f2b22c9629990165c5e070e710a69ad4951b7fcfe28bd52354c4b8a7246672497b8aaf521a8773c7ec2a4249fc4318330948ab0d8db8c6c74da57b32f1c4

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              24KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              87c2b09a983584b04a63f3ff44064d64

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              8796d5ef1ad1196309ef582cecef3ab95db27043

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              69KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              4f9d58547367f284c0fa5c840c00b329

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              afdf5a998830ad8bea4d57ad8cb3882ac911b43f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              3104d7911ad5190e95f4bcc647740dcc286325ca7a57f46510cd7970aeced0cd

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              7d21bdf059b4cbb5a1203c8c7333ea91118bab3b6d935f59e7e89637eb31d2a28d69033ce8501431dfbcccdb6df1f05d86cc4d99af01c68270a5577b795eb350

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              327KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f43bae76aca474b1c3c685767390f30b

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              3c0529e776d3adbff6b3da32879f1f67f12ea31d

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              c872f37122385d45ae96b618f1a0298387f90a3baf2e01b64f4a296a9fe230d8

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              6f71a93834388b0c9f3f5ef1c8c0e94bb98122eebbfbeece1403e530f214f36a32557f62e6e862a5d29ab25bc39bdcb14505f99c82cd3355d05c87447b81f3c4

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              133KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f91dfab9ea71dcac2d56932ee97b4a88

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              ea278ac6e3a673d0047623473051b64a7b9085b5

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              f985b76e4096b86b946fe552479dd890b4510310ca11effdb58035f6f9b236cd

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              7577458acd4ce0e69e73d29c8e332a9089627d1ed31c6e2fe02907bcd539cdfe37126a418a445c6722f2196177cfee4501ec1498a86a0af6cddea3914740b120

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000036

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              84KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ab2a042db4d59320b318e0ebe7fc16db

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              923dd799944998a387dd8bf6fd2e4caef35a6b66

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              65ec066a1c3b030bde7a8c24a3acbcc300f91d7cb318f8408e55796ced8039a6

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3f261ce079fd340574ee1dbce11099503a8cd30186677944832d9f39bca376fe2b0bd6f436474a836407d3f024f824fdc8958737ff3ea8166089ed51ee9a61ac

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              78KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b024bec6c4f7497790b0f256b2ca8133

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              82ebc8413750ed3af2903a9a1672c7b719eddf88

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              cb0a12a4221cea7f8fdbd957fe6eb18840b3c1947e750bf6b11a8b1bb75382ea

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              0a282f48f0b55afc510c3375cf08564bec4912b49eff867a000d65bb9337fb0dfb947d6a1a060b9e92ced35324a200025df1790bfd294533afcf7a79ac7718da

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000041

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              93KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              7b1d0b28954f0bb68bfc4bbb2525a142

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              07dacc6944ae7c34d971bb51469716e454f16f30

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              fa1de0268b71358006bcfe17c6eebbc35c9d51c648214820022b63bcd9c1fd4a

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              655cf47f64acc45c119ad92a020b35508382a169106f14627e6108833f2bb5a994cba0f77348bc8dfd38d87163c7ad6867c3b37250ddd6b2d7a0af8c538b4fad

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000042

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              102KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              33baa0c00b64ea001fe19c533b91cdb9

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              5d4f20c11cce8f63dc0492cc9b5520536aed0e74

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              34772ee9cc9af4bf18b5ac532380411f2827509a663bc99d72a53f2f073d4d8e

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              c322574dd8418bf80124a6db598495320eab58f30320323a2dc1d4e34364a1fbb022ef9ef0c7b4c17e19fa4eb15f7f5efbe8171ce61825641351ed33d8c03096

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              107KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b3baa6daf6e650d825afa26de64f4a1c

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              32fd720530ed7f3ee44abf37adc43c13e7a98521

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              52a3e4e414c9669beeb24f18a109bc892147a81a328f791a93817221f60cd481

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              b4b5f4bee5e5411647c6ea0c01d09fa096139e8bb8701bb4422f5c63665da1d4cae6fd0153e3178dfae67d58a6674916e298315c7246b027368a33a124756d38

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000047

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              16KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              4e7edfe35e22eb75e1595e996560cc51

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              8a4d3ef39ae71b7d5535b0229e59bf0c45d987ec

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              4d2cbe37e9671926fef1d68f9cd970f5948d3c6f69e898e0803e8e5addb25d98

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              661055517d010882c4b88a87e0774570d5e17864b1afa6781a7245bf4c9b0af5efaaaae16eff47eedf4665772c59dbcc619b11b1756940a3baf278b8735e8124

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000052

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              27KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              75f1d5724eddb6c481e2e87727c0a19d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              3cfe079018e25b2646f23e0744bc5af2114ee256

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              751f9ea75e28033193df30031bf3d33e0553e1644ccbaecb26fe7d3bda21b78c

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              a52fade9a438e7896f12afb5b8cccf05ab2cdd71dcc8683ba80001e74800d0c6a6d446d162e75eff573ccfc7106c1beb6f91bdd41753b81a6f5b7510c7c36b4a

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000054

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              20KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              87e8230a9ca3f0c5ccfa56f70276e2f2

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000da

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              19KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              e78f9f9e3c27e7c593b4355a84d7f65a

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              562ce4ba516712d05ed293f34385d18f7138c904

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              75488ac5677083f252c43009f026c2ec023ac4da3e65c5d7a084742e32abce3d

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              05f9fbbd59c286024b3ad49961c4e0eaa1abcf36ed29a1d07ea73d2b057075d46fbfdda56f135145f942bd0c3d48246c73be1771c21861eec4ddf8bbc365a286

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000de

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              64KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              8b37bb42b1577b08892393df19f534c8

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              e12eaa944bff9ccd0687ac54811a3ada4a5d21e9

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              6cc9e87df3ba27d6dd288a0593a4f70a17ecb0bf5cac0a591ff72f355a9f454b

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              9dba0d070832cecab4c2aa922bd07395b7493845926a5bed5c5f86d61c3b2fff1f6fa12069b7b7abe4f15cd58775ffa238aa36c47e100d7ca544abb3bc1a29b7

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_0000e1

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              23KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              4e23cf0a622effe6072fde83d18d2156

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              bf57a0783c6ceb9547acde6b585b0127c40e17f6

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              dd4fe923e2cd0b31fdec51bd973acf89b180895fdfa82172218a6d96461a5985

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              d45595ddc64e3138d2a4afb2053e0ea7dad66fd726022889ed8452c143449c3e310a9e8fd7f3a7378d0d84506483ad6203ebe2970a55c88bcc3d59fe0ce58449

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              af6c6fcadaf6afe4800f57ee56992ff0

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              b49c5a5b77692877574cb1f6916cb01ccb30339f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              cb61386b70c3244358315843784cf070c7da74d07c47e31e9419781149be346e

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              a22ac30bfaf91f8f139f502c77e9582c51f1e72d1c0a7f223144af107683cff1b0bce81329f3bf57e5d88844496d65dd12032618a123d64e925960d572f4da4f

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youporn.com_0.indexeddb.leveldb\MANIFEST-000001

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              23B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              3fd11ff447c1ee23538dc4d9724427a3

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              1335e6f71cc4e3cf7025233523b4760f8893e9c9

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              56a121516870d42064aad7a884b10fb6

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              3a6c710c8f88e2fcd36b26d210e3e33fb538b424

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              c8d80b45b42840f6ba31d04675b63d7444251f4728da4fc25f58a102c933d8f7

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              1eb361b72818552a2a29069e74f2f739a8aba7c545605f4fc41273d694136829a5853f83afbd1eb5a67dfb4d36ec5b07d4e638fb4bad253811ed26c5ab467630

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              23KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              9e808546b15dcbde3a43624e7097db2f

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              f1b0b639539997bc1577a1aa2661fd3793a7ca63

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              de7aca9b239dee8c694378826aa5d8b527343ffc4a371d6cb4ff891a85aeb198

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              78e1e739c85932f6126ba5dacea0420dec5203e177a87195a87e5101919236e4352c5c43b2bbf3d33495db67f32774d6061fa5be290f416bcb290b0d2172efd2

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              d751713988987e9331980363e24189ce

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              97d170e1550eee4afc0af065b78cda302a97674c

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b54a50c368fba2993b048e7defbd3b46

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c00f3699deca9ba7a2f0dd22f5bd141964292992

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              1b7c39257f63ebd4ffaadf5a38efac81e90cd95bbb7e4e6d9076ca274dbff10a

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              5c46f32d83c0687dd69f561238a190256b62a39c33cc196c9949c8e12ede0f4598925be0ee667a13e2473fe2b2f010cf5f3f4f250be21bfc9c7639e26fc11c50

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              1ba01cf4f039d593b74553fb3ba51e50

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              32789d78deb3f761463a44a4fdd29b0f5021c765

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              b6385badf62884c9068167b62c0a87a7a1e8307cffb59d5d8045641873764b9d

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              e75a635a75c666ea26ef58fce20fdfd04944490f263a1e35491561973d6c9fe476f19b58a9b0008108e482d1de2036a8751de610ec189269f08883434a129c9d

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              356B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              8e77c6e874fcded06554d8965988c69d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              fd9fc551d3cbd3b485f3dfabb5277bb35bb5c46a

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              989c3449934c28c8e4ca583de4672771f41d5efd7f443b47cdf0fee78280b84c

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              9b964b2d2dc1ecae7041601c3eb2cc4c1248469cad5781d731e4ca0eaecd2c9e9fd7905cd7ca39def7b0657673737530226c8420a90223469f066647817d7610

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              290068d46d2e7f5022d9d986ac0d6df3

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c1fcc295254e0235f692426cd1870c99f7909142

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              4a13208e91069755c4ed786217f971c0ce9ea542cc23e8315a8e7eb4e2fb8b0a

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              7bb7945200f42de2f139185cb4a9efda2db3fca5e66f6b5e218e588311b8c793b19d03a3aabd5949debfa6fcfb06c9ac5f113a593359632cb4e3e32d4623ffaf

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              8b4912ebc403a9ccff63dae2ab23ed77

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              fc35fba80beebc877e17a06277faef063620fbaf

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              8551ef1e0deedf4549b8f652b4871dd2906ab2d2c8734c2349f1f771b592cfe0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              30a090c1847c0ec1f33b99085b438b17a7d2321ffed98a9eedb8de0e0649158603bf0c8401101a9af9dd6d6fc824c97cab44bae7cfcab885b0b2a7760a48f07b

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              e62dd02458726b10ddf9674574e9b6ec

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c6b471e2c95dc36a091ddd007c2e2916a469a494

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              31756a0515c68ba9455432dd3d82a5a7c0f9dbe0574d9aa11749d46717328dda

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              ce93fb4f5af6255a0c1cea294a2a2451b2a8f9fa4aca45490bae3de31a6259e0629b062241f7e127c50728752a99fe26a050086bdaa72b86da7977955bdda038

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              9KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              e29a1b2f3b5cc0552d7e34fda2e83077

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              0fc7a3174d322208d42e937b4cbc8fed81d1316a

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              584d1e118ed05438f92807a11171dc5d39dffed88254ea5f911e1a7fa5e9fc75

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              f54def62993953810b0946cdd509e28a8d2302278e61f936abb7658a319c9998360f674b551890bbcc3cabcfa68f414ec908619e179ca63f088651c7663621aa

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              bd29d145236c284685a2551b4395eb0e

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              f43c504208d0dc29c1f8e5bcfaef11062c295d34

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              de29bdcaec912e7c30ed3d9b5d3bed4d089704bd2c45fa38c1a7c0c75d26a3af

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3a7e6ca53e6f6dbd244e8e6da95a0147bcb932d1a3f35f59da8fbdb1e6ad2b7f3a429ea98287cbebd5cdd64217858473a67a6e5d8138c9806f90ac7014b1cc48

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              4cea2d8e4bc2bd6e7a9b2b9c6a1fafec

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              16239cb52b3dc70c0c96ae007dc70beffc5859cd

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              f857a98999989dc440716c45701df49cbbe331085685aaa2189bd1eedf366eae

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              dd5adf46ce697cd6ba9e0ac6c53215be902ac6edd3e766aecbf9bb5d1506af0d11f82b63169df084f60a54178bc808a1e77c66d021b0943c40fd1c48aa5887d3

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              d45646625150b59a83a4240f93fabfa4

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              f3516a315de906a3e2b56902ebfc6cee6f19b5fe

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              09149f6bc87c37f85e179e949c2a63632bb6b8620a4022b24c3e8542de13520d

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              03d5d0bc9c7073c1d03e2311b528767a9493c6f7337c1d5c7480b2c62d683ed2d2f3a0146ec45dc3160b17105bdf34e37bb1d6add27bb2268ba8af942ec033eb

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              d93901526ef4ba4faa99f30a2ad6f7d2

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              85e6d618c6d99fcbaf59f70286672b143ab1d757

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              be97c83cd133c529352f8e31b300971d342faa2fb86c5d136a1abd6c1a4a5bf0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              94f3b275184a0705d48d75b52cf2f29cc92ef3142803d8eaee57f629a237e426b481386808bb6f9240027e1dbae52e6bff83f2d9a1055616dfd07ef9fe84b0d0

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              be2e1ccd8286d5a868558db2d19c966d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              b744c1ae72b2415ad340d09feadc5cc7f1f5adfb

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              fd52de49f880a234d1c298be1f12a26530d38414571ca1fcf9e941524222a892

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3c8624c6aa49d8b0446cfc8fd21b95c4ec01c2234943450f2191a6d110f555aae1887da8563b7c151abbce8c885beae40bdc1037a8870d59c71e3cedbf64e62c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              66940266cf8beca9f0a6ef116986ce63

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              df7f27dac4bb2940a04fc0d38a0e8db3e7424016

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              276dbc89b22c644d1eabb50b3aaca6480e071f836bbc74bd7f0a710fb615d0a0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              cbed656324898d8e525b906d607cc319929aa9b0cc612aab37aef0022948fe66f9d462a773d062802c5d6be232832ab903503a0c0cb55626694bb053f284caad

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              028314890d945b159594edd7f8819d5b

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              ac631876809365a1e4ac161f3f6be1d9edb5ad55

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              79263a388d864d461b0e041550da6333b4fb4698f9bbb504f4dee5342a1accbc

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              8df0e1b7dc5785f6f8fccaa8a9c73027cdd7670df7bfd4602669424f48f409767a69cf9effef7d0a75ca42e72c413a64c25015058f965b7e0a30ba86165cea19

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ca5725e41a45ced3c33ca47191de5748

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              e47e3a81f3a8884db75ec7339b578dadb682c601

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              a0c6dbb19b46ff73a50b641fb8c72623cffa40da0fa3cc12d6e6cb2f26a0cc29

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              b6f867ab46a45eb21b535a637433bc07912f027cfd04e05805f0de7d8916e024035f427675b005d7fe6a04981503aec19d4ab31be98604b0b025d316cc6b70ed

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              e3038f75e4d297789d94ab5d9adcef5d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              8f2936895a62ae51ed0bdfff0005ff04b59b5d03

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              8d5d8759c8e884d66d13347cc3a80be9af8d468b49a0bc27aa92f2790d53c578

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              43b2594f5ee50114660c0e7186bb6a2d8ebb5a9c9cd2ffa0a4fd330b837fcc8d8953e35ae3aaa148234e76ce511ae4f3a571a273d2a0e264811ed8bafa4e1fa6

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              9KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b20406bbd0265cfb8c7f638eeded1c4d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              2cae6ef0396524f40f9d29b358632e1c139a3c61

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              e7b76639374a67cc67eedc55a5256b15df2d9309940f5c28675b2af081a68a99

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              39f01e61abbabbc142c5c92a04ac10fb82942cbddbdd54d3045fbec6363caa73631001e58adcb895beb33f9ada5fd8ca9a9e79cf79d0992b779e8e762e03cebf

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              9KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              bca844856ac3bae294b74cd9b4c0c5a6

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              b6f34be333ff69c9042c086f99a10c96fb631c11

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              2fe73be240ef725d2c766d1c4f42fa8cd05b7d88babb9de5192e7cb4f9294ab0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              719e80373edde6071fab7a0e9d4d855116a711e7c1f3717abdb31d55411c48b0fa98f587dae08c988001c7f37b5be39691a20a7049bfb023f865ffc6fd850873

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              9KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f26f313dec8f7298e9a55ab0fa8817d0

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              95799779c6f06087d2754a06a532d0e5c74ffa07

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              0bb2a58c147dddbfb607ca33b6ec15c089e0bf660b2cc69b9c90ac6f949dab14

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              206fdae4b8c105bb600de4cb49101aae8b8b42662afbfc68ae10aaf193660e723d686c43673290d6a7c7637fa95e618e7fc4bfd36175427fff5dbc9a87ffb8ce

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              fe904697e23cf1c9032bcca22d9fa7c0

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              2e88fb2d579e150b5d89c4e0f8112ee6efaeeafc

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              2195af421458990596980dc718ccbba907a013720259cbd9e5998e4350ce0a23

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              33d1de008a1d12d5e61c29c2bcdedaebd9e5e2222e3c60c9e1c585b73ac45999e97d2141bbc177c18e3735671c453d630aef3226b1f6a2e18d20edd9782f94f5

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              9KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              3d5da7178d2846f81d08dfd7115ca252

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              50a93798d7e7d46cf9e7320ef3ccd905e04775b3

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              ff688526b327b88117ba0bf596168c88ff2458f53ea6dd9e9a1fc9a7522308b7

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              8a1e9b613f05a9b39006873d8fb1965058432acefcf4c7f3b970f879c73591eddff3aef010608b7f6a05fff4b1bef134e454725f1f65f883addd8d3bc577b9fe

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              16KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              a7243798963ec7f8e2148101209d7eb9

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              9692fac7c3fe768524a89e43b10307cfd16e1715

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              7079d14e5a97a69e35f6796045d0a90304f5add8599d2bfd1a8786231ba7e0b8

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              a8f0cac6ad2366c5c33a1e685a5b5fab4c2e768605b0330e7a9bca5e3656327cbfbb614ed61d62e2d3f8771f8aba82725abae0107aa77b6ea33e68a8b78f254c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              56B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ae1bccd6831ebfe5ad03b482ee266e4f

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              01f4179f48f1af383b275d7ee338dd160b6f558a

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe579328.TMP

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              120B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              c9a4dd24ea23f6c4f70b8cd330ffcfad

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              81b6bbff7b9655ed97baa5bcd758b990b1e242a3

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              5fa7b553b1ef1da37df9574fe376a68d7d355b096359628b693c0afd3b331a41

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              9785f1dec850bb3691b7477642e5a11e89b6f5e50911b1f3d01b6bd8b8746133c540b3ff67043070906fddd972ac5fe495d0949e883716ac68b611c33741cc1b

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\b5c2e899-17f0-4f47-8baa-8db1361e117d\index-dir\the-real-index

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              96B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f7aba4c91d7e496309e74ab072e1b26f

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c031d30b1edd7cd63c1b39ab659afa34502e90b4

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              be4027fb27ae785c3689b522c0c0c547a46da1abc65eadbac1074f3e93856c47

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              f64544368bb5979d87c1acce9ffc48cf717337481bd985044a5506c44fc446d01c5a33b314feeee468c1d913929ececd551ec63c85bad87b1e57317a1f8b1a7d

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\b5c2e899-17f0-4f47-8baa-8db1361e117d\index-dir\the-real-index~RFe590d35.TMP

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              48B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              c14d32e7d4ee48dc56398ef623134a81

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              1e271888c5a84fe1b3880b8a08ed59119857a5bc

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              3d0b1325b9640aeb95b1d0335f2aed397edf848f4d7712fce7748309fe6f89e6

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              9036ac6e33a89e6ac0d56e251c0b9970c19c5b59043966fcf28cb8ee0d2c774776b331a383d8528a72eb0cc979e57c042d99c20aeeb19dc6ccae68b2844fdc37

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\index.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              120B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              8a47fcc2e3938327f87ee39e41905fb8

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              5b1dbb4c215a3e2d3ecf87c94e7f9479b542a325

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              a64e1ffc4c74805c7b7e8ccea7403d5bd608e50aae75fc4659035f1c4560d9fc

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              7657081ab7a83374db28344036b3694e865d91eb2addd02f649d2ba7b8a5a65a3419a9d3b251ce8b7462313661bb7dcc22ba17f526d548e2eca87a35b3e77418

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\fe0c0e7c29d3a61ffa60c89554575bdc50002b23\index.txt~RFe590d64.TMP

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              123B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              7416005ac50c259fa537318cc3767d3e

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              0ad31006c1744f5b7f907ad940f5bb37eb092af7

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              4d3aaf6e50cdb9599fb905f8f41bb96e9ef7b815c2c85e6dda7dd89ffa491ec4

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              005386d274885724539c1d77e949107c8e89551a3dc60b4377b0629a67dd966e9b786d9d28526f4badce2393de2d48eb82221030f63042afc05034f652ceb8c4

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\CURRENT

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              16B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              46295cac801e5d4857d09837238a6394

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              44e0fa1b517dbf802b18faf0785eeea6ac51594b

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\2cc80dabc69f58b6_0

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              9KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              288b80b3e5a1014a1ae4a047d51ea5ee

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              75de5f747fe2925a44c9819bc4b944c91fd5082d

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              94014f6931a65305eb6955f0a72dccfe64afdde8f0edf914b8a6731837a333f9

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              91a00ed83cf56943a2e06f52224f76f12a82e6b67f8880a0bf6bc298cdf7c0f2191b3251f2bb5cd39b8b1c9b104c9c425221ce5a78c2dd806cdf3484ec99b1f5

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\4cb013792b196a35_0

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              0175e7d9f7d3516e41d101b2e81d5d72

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              2a2fb99e40c7a2fa0edad6c405c5f31edeb9f035

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              5fd6ccc245d47da85b09278ccfb300b43a4d18c5d39f21941f3a22df08ea9b04

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              85bd071880e3989d60f97fda091e901803e67926e81b41272728b7d3e5dc863f34cde367b363c4f81c2022fc38ea50cb002e8f03025803b6a68ed15bd2143a2c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\67a473248953641b_0

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              0d84e99f76197695f6210cf3ce79b101

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              d6f2e8d61d4bc3d9804facf615eb810f1bfab625

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              0c82f641ca860d8ddbd66f3e31c5eebca98729c9d3f469e640feb16d15ff022e

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3b1d851ed41e527fe8ed2e502ff48b8cbdbd73d46e3b381f23409936e5dae6e571ab26d1b8e1b1073bb63708866f4ab2be2badb66370cbdee7d577f6edd26a28

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\b6c28cea6ed9dfc1_0

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ef865dce8f39bd572b864f677f7ec8c1

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c892470e7119cd85d63ec1de8ca0a007b5e4be28

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              1f1a6c27fc64b5e82262676f06eca358a13e7728b5b92999eb0fac6e91bb6ee0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              49b62fc477b6254f9056bb4c5f73c5ef26d199950e1d019e28b803841fc055995dc5d80cdb6e632e66fcae5c396b20ef32a881959d09bafe8aa7b536f7430a0a

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\ba23d8ecda68de77_0

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              7KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              847343e03cee23dfaa7d10680ddcb0b8

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              a6e2df09ed6094032ee93f0ef41f382f4e148c9f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              ba4577b3546c46510f9f072fb8090720bc2ef4963045501d62739183e01a8f1e

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              38c169ecf6ab79eaa13323880fc85b55a9c07162a3e2bb386bee07793e53ce6cb91443b0dea4f9e129d5e96f201b25988417497412e6e77f2770c456753c8171

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ca9a00e160b7dc408a80eca964383bb0

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              0060fa733ac7884657bbf42aeca105d491fcf90f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              7eb10f36703d2db3d84cc3e84446490dcbb8429e38b30d8b269f871cf1574848

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              6bbe9587875c3f8ef03a54249343ff7c4647a87c6b6505d5d9fc1e26c6d7749bf4bd3b02fd09a92bcacee47e33c4fa887ff138ba0b1ede02b6bf1c5eb32ecad3

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              216B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f8472a52463d248300ac0c19963bcb5b

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              2a2684bb469537ab73c86598a4096192f05033d2

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              b36f23897a3eb8c782275bc79b903a4c365397df56761083f6f97d11add47310

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              0d365a8a72f2257aa280fe139b096479b93dda63cde02bfc888a95a4ce3af67c43f7ead9819e3ed25bbccefdfdfff435dc9922fad0b131a6483a852815873ef9

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe58af27.TMP

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              48B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              4046d48a3584bbefa6158ae8f39d5346

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              dc99397d07c22c80bd69a9333e628ce22f331cf2

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              bc4a1b3532ed74230ffc30f50c5f9cd979522b82b7ad6ea2e8472366a0709f8f

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              73db262a024d958e4f852c13bcd1092ad459b88b8055776f8e4eeaa7b849228f04869238a91855e453983631239f3e573db350f2a8c3649d80eeb0d6c7df27d3

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              263KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              74a5eac3f5ccec5108d49188009c829f

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              9f19de78f4d687a2c46c871769c59559f416aab4

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              d9bb3ae37374b063e0305de1244d0ec6d58e66ee9d4d29332e505df1ea8bfe9f

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              2b1489cc5dc612ac73e0cbd64859fb31833e8457c138108f1a87f3d11902e42e9c177ea1fcf05a94fccba1847127834aed390250da28e4168acb607fc312a378

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              263KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              24c15be638da6d3298dd0a7fdabf683d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              e051db9084c1bb97aec92bace89394e590e8f433

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              2c21b81cc224c1418185db5cb867bc7c68850e0ad72855e6e4506ee79e08465b

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              1c60b58d6a189f2335b5a4e75ee27623e8dfd6c3ebd94d13b2b30198a75188e06bee55cabe697fd18b0bc041e24c9ab31028d8dc5e439048c276be8ad4661b3d

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              263KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              1d32f5b5cae822903bf6ed0eb70c9969

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              1c2ad058192a5a26512a29e3b1833db33d28068f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              b6bfe3db5e9f35de8b21cbe326a42109823c3682d99ac01322a278aeb133dc42

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              c1ff2d85bbf4be45c86326ea8463b129109f7d4f779794a9169c1a40e18b617880bbe0d6ed1fd3699a5d8157104091b3ac27eac2bb1ffcda650dbbd709e3c7b0

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              263KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              47e378812de7bfeb2628a8d7aa0e142a

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              00d114090cd1340ed9237273cf72461b50d9ff71

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              e893ac14c928283d422322b256bc0591917d29c976d08742d23b37952a5a9f57

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              0ec6a3b726a64339a7cad33f8716b1c18de6ea0198002c708815aa74c0c3ba5885ae0fa497a5291d8b123719427572c98bbacefae6cd4c35f2e354a8b30f2305

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              263KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              0e5bf5f8d59579dcb5ce341db52b7ac2

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c64c99c2080edfb54c4cd9581684d522e49aa7ac

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              25c7240fbc44e3617c2feaeb29ab8aff2a29963dffec3c95a42c8213c2c836ef

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              30e761a4090bce31a7c37401445038430fa410619a938b61dcc4e240eb075d51def68fbc2e6f9e73500ebbba0a98490f0b5a6c4bb99aca0d5601deef36d31ecc

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              104KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              aa2059163a0055be7a0f736b74417a3f

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              d8471655ce5162b6e387fe0533ddcbe38e59a9f8

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              636a6dc16a949ab78ce1eaa12c14ec195ee7faa4bb01aa085d234548602372c0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              f476fbed786f6db8e1763848793e7733a7ab073a3dc2e42f8022259238ad49fd8dc49d844673025538296457f777eb4dd4ca93e20657c9260e45e4caa5866d42

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              107KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f6e79be87f80827c1cc821b92d3d4687

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              23440140335e5d871e5f53e168f4d7ac44bfd5fe

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              582b1fbb604289585931a04e3213540e1a486e94af2a18b266f0b1dd562a0d3d

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              13e072f0b62c34c7b41537c35919e292527a51633654e31ad4e26276eb744855c63a589c41ca344c47aad2f3e1fa0c710d3dae8a8e056580257498cf87f6ec9f

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57f1e2.TMP

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              88KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              cc50b60ed8779d75c10faba547bbd11e

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              608298824ed2d2424f42d12bf47c11721a0f234b

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              a50916cb07776c544a1ba2cae91048c8ef0a82c1e8cc09eab4a9703059d2eac7

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              13b84395efed09df6e34153a7463d2e757e04073abdd9b328060fd41d6855aab2cf00be6adc49ff5cf997a4eaee74c05b3fee0e7bf3c67c3e43f08f8c1fbc4f0

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\Web Companion\Logs\Webcompanion\webcompanion.log

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ee2cd7b177b22a6570c2e1515bd9ba10

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              83df846347c4866e4969567e68f6f976f3afe2e2

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              b5896c9950d32e40087224d361cee9bb96290b6579b735752c802804b4a1dfba

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              58a24f6559df887a40f4c0361957e25f7b82a6c14b484f8d2cc2b68bb9e90987dc1f860211207454a78ab9f65b438aa1fef73d88e4fd074569163bf06b1634a9

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\4jdkgvcq.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              453f54c9bb5f056f93afe7100e488eff

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              050b08a5ce662cbd90cbf5b249602969c05eeb3c

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              14fde4cee90e9ba914b8763318120ffaf1d3d0e54e7adc2aa68b9c378baa5dfe

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              981705d05773b1247be3e2f710b0ef6c3ea63c182040f7d8eed40ee7c8139cd3fec5990fbc835bded5749cbff5296883ea64f6217f2a3b1fa09af1afa0bdc09c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\exf11ml3.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              0347dfd7feee5c48c3d1770fce46906c

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              ef0b57bf31a3c268f70d3e629047d73b58916d71

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              24329b74735462511094418baafc0dd7b96865b344b9bb5049e0de0485dc8d4d

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              015bc9b29dd39460294263129aefd48c9f01057fe18cab322ebd852518acef9d16a48054e50f053fa603110f09333f72569628de1018aaaaaf1c57ae61f25861

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\gsjt0mps.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              34833df80ecb9d5e2d592db9b3ae70d6

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              5dcee5e915c0f2a5f0c9ce9fecee9698f4fe6dd1

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              98e0257a45db7e6909db7e998c5a9cb6d0f2aec612661f2d28bab1437677503d

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              32567963397e1428cd8d8788525e5a958b1f09582361354b53d32af76481ff25b278fae35ce77c5967ba0a07c708b2bdbf9d85be1e38e7a208fd40d0f66d3220

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\ie4sgbye.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              5e9e5caea0e9c4e8b9451fa2e417ef31

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              cff95e107d3f17213a9131db68a342ba5f85833f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              a4e3a68ec05d7bdc8b3af1e9cf8bdd719c228e079c8489ca2a188a4541ca8093

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              225dd12ddfc61cdbfa3e7f8bebcca47d4273998806b18f29fda2af7f2f2993f692c169c3811d1eb0a16ba83910f035abfa1ce41119dccdf2836fedf4e6a85e2c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\mrgsmxjs.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              723B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              c471093b49ca1d7770d7e39a57743626

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              905d25e85acb63fc6088390ff0e30a993bfcf777

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              398633b8f978f449fdb4107aa450cae694a02e334d61e90bd0116610539f3435

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              ee41bb38cb0a38801a622d263ccbcdefc48392c8fd290231b858ae348cc776105eed58ca8df2f45aa3a7d26e335321f658ab0f1e2247f01d14ac0cb6025ff7b2

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\n0cbtbxk.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              d8f3c0193e05514f91f5cd2db4b589df

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              785fe4cbf68c16707539ba7aefaebdde109de6f2

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              dd2687d3e8dabcda317f637f600bb2a0e088d80143e9eff923a7ff7457bcd00b

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              f8c47cef6bbe43fc85153183f652a5fe04c5b907312c1bdfc3583b401ce2007d213722e1994f08d0f8fb6579f48398204fd360360f0a70d9548d5658d2afd151

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\nkyqlxu1.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              594B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              911eecff48f496119302a40bbd4a24b7

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              1d0c0c1fab96676e6f6d642350a7f8229cccfd21

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              e1860fb491a053511dcb794e6dbacdbbe4fafaf5b72fac016fe7ff8a3cda0fab

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              84315c669ed55915c58b5c9e88a5f8ab880101d899326bb5dc7f569b67f605e2822c93d650d0b5a3eda95902c1335b912b53829fd0b5d93f8753dd53e4583b0d

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\nysizexv.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              2c3a3e2c304a78825c89df85c285250a

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              de5c766932d19ccfc01ac53afce4948d9f2ae111

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              f4d06f9fbf1b28af6c10f492fc0513e0e432441421dc040e687e49d2be6d5452

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              724006d152973f23920f0655e343fe5c1d18fc34b8835a6f5b2864fe81e1d8c355e3275bb92982a2c690cabdcbd2d56fc3f7b5f391ac0ce86e9a0f9fb18e6fc7

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\u4qpaz5u.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              40ee76fe398da89493e05ea67d4b90ff

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c72079907c8a105ba6ec67bbb3decdbd9791e758

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              6993b96acfea4668fa1a2183e2471a84ed657aea72486eb0c5d3ea53c44b81c1

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              71960d4da973f7415e16c081690d439c2197072cae9f78db47bfde679d70eae39f21c450589b85dcfb7b02b7e1569d7a1862afe3edffde1af1dec343b0d42e6c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b6698267c2c6fe01a31421e879856f48

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              5246751ac99b046bb758b9cd139cb32b3d7da7b1

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              196152408b4ac609bb788364a0ce80ca2dd2f11130c8a4c813c0fdf557be5934

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              cb8644039e67d447204ee51669a359648b6f11d2921eaee538e7e8140f5fd714d4a29e4d04dfba32a8b355644fddb9df6a8150b3eca0d5b59a84f55969f2e1fc

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              330B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              88bac5db79ab9307b4aeca937b6e4936

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              efe6b00df096ee515f1df0689198dfda8a7a7635

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              ed4bb00ba1024503cba62bc4bfedf3df1ceba8c29104c6bb91772e7871771908

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              811ef8a62c9ba3be0e84cd9d66aba8651f709605571e7efd092d5f4fbbe77cd1540813b1f81d28bb85291c30f0e1ef81a16bc171cfd4368ea70249fd11d13a8a

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              861B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b4ecccf8f6cb66ed6c222e0d32f34065

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              5166bb516a533296b2f6914290c01359912ceb86

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              1631ff1bc4b474303be696ef05dc79aa8a58014383019c4d84366c6c25e349fd

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              fee6e5b6d9a90cfde669843ef7bc408e054b955691535df9735bae5a225c36bec342d4dead83d6a82ea724f6c47b0cccc5d62d007870b48c0577fd768f067e3a

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\user.config

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              918b73e11ff23f37859767f65e214125

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              50168ab3820fc493eeb02280be16e9179aa51133

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              08f78861fd112cc75665bfe038a092181120e29d8836b915e9bf058ad8d0e4fb

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              432cce58be2582a54189533f252ff8ae4106001eda19ddf94671c6102525978bad6d5997d4271bf562c62d281e43d649cd7000783393b4e04ce5203f7403e1cb

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\vyxiyfwl.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              462B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ea94cb9595adb65764e4d641c444ff97

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              e603f3af615bb74fdfb59f63abf4023fb9eeecb8

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              9b03a1514068d541d07a107abb7c0d7ce347a32e9ced04eadce146a2db540907

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3a82173e5a53baea82ca77f35194462bf1ae6afbb3f7dac0b686c378468576c762aa0131f44e1278a55fa18a852d6e552c308632aa4ee960a7b5f8c62fa7417b

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\xkavy2mi.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              41ef59da5e0de776ef13d1630c731914

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              94347c033d06414e1099372950e3cbcdbbcb0907

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              3cff2dc358932c6b0ee25f828155e618b2363172441c2e0870728f7f0385de82

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              7c4c24b68b3ae64cae26e25ed1e7c8b591d63ef1647545c96f69f63220b968f466b58472cd34a0626d929fb77e7fb99aa7cffb46a8ec09910ca8038661565e69

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\yv1pee01.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              7ccf5fb6d61493fe051f2adc4b0260b3

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              a8a8204f7990a521029ab86f5eca58b922edeb4a

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              0246f58ec27588d91af3952c6da97cb849dbbd12e8ee9f30075d6ff5f305b705

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              314cb120d087fe1b739a0e37e5e2c66054ac4a389cc16775c43e128ae32645cf705581955b4a8bde25041aced6a693ee294c5ef990d71c69ff68dd63cd4a8064

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Lavasoft\WebCompanion.exe_Url_kleyaxrtenldtfqjmu2cbjmsn1otpqzk\12.901.4.1003\zvrb5nth.newcfg

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              9947a1264484c5f4cc22a07970be3a92

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              7935b6b785cddc4289ac68842293b78269990371

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              4662bb7bdd9d2915a4dce215642ac6b0b04ab8bef451e8a94f467d962a1ef699

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              f1c825d79cb6bc51bccf3e8403e4c787d4d044c3cf82340c175c4b9277d50a7cff3c261f141c56ada4b52bb451b8e512ecbcd0e8f40a20e9d85298c925d4a44b

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              a8e767fd33edd97d306efb6905f93252

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              a6f80ace2b57599f64b0ae3c7381f34e9456f9d3

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              c8077a9fc79e2691ef321d556c4ce9933ca0570f2bbaa32fa32999dfd5f908bb

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              07b748582fe222795bce74919aa06e9a09025c14493edb6f3b1f112d9a97ac2225fe0904cac9adf2a62c98c42f7877076e409803014f0afd395f4cc8be207241

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              152B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              439b5e04ca18c7fb02cf406e6eb24167

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              e0c5bb6216903934726e3570b7d63295b9d28987

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              247d0658695a1eb44924a32363906e37e9864ba742fe35362a71f3a520ad2654

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              d0241e397060eebd4535197de4f1ae925aa88ae413a3a9ded6e856b356c4324dfd45dddfef9a536f04e4a258e8fe5dc1586d92d1d56b649f75ded8eddeb1f3e2

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              327B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f3106aa0025225b57168090149edbf3a

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c30d9d8f10a58c4c5e489ce20643692e1bfc7bdc

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              58e52df780f26d6539aaaa96e94503030db31706a59d59ac54e62cfdb9532485

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              467e7d2ab41d59f88d42a8e3332c52f2a4fa43ec1cd7fd19a2637db0e9720cecf72db06b98e774ed4adaf9e2a19b88ee78f23ffa0100f7910f3cf50d6a79c0bc

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              5KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              0ad7e9cccd78f0ebbfaba06461f3703a

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              9c9ab06795607a69bd62d22561bc6e25d481fdae

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              6834add84369e01dfcbb908e8edf399433d21b81a3c23595aea9f619ef7de04c

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              cf382c4e0d6a40e0f7d058694989167ad0120295d4d5828e9e26b9979359d6e7df3df71ba2858ceffc98ae985273a9632f91de2dbf7cac9d88107629d407b527

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              d034372b1978aa7bc601763c9b5eac61

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              e4de09156b3ba43dce3874acd4b22eab7872c99e

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              2afa33c94ac58dbf5b524a734e0cae727dfe7cd6902b24a57fde76eb20b609c2

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3de9d78f6f667fb5d3ee6429c80f7ee2942380a344df88fee19453654af678a3d5ab172e1522eede323239b18d6d6407ceb3729f5a5d885cc52db2be7704a4c0

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              10KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b4546890809ebedc363a206662dd4c88

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              d38aa09bcf55f7b9080f459d361f67ba3af5c177

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              f247e403a77e536822df97c143b46b865ad2078d940bc0c9348c6bde314b4a6f

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3e422e7d21d13aa4fd53572303bc1873d4fae97d6a998da13a88ffdc65a4b6e7b8285295c0c1006d70ff1a060949720fb9be6aae64d896edca38934fab7281b9

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\7zS82518897\ICSharpCode.SharpZipLib.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              208KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b0040d764201abd71c26560e798bfa7f

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              a3f32be47621d353d67c6a72b7059b553801a9b8

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              13c3e0fec7ff29eb8ab28b321102c2d27afcbb410884cd693cfd3d211bbef1d5

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              104f157b822901375cacbb22121c1c866254eca5979422741768aed5536b0d51f5efce24b6106927cb16843276fc8e4b8f70ba20f5ac3c48a75460b2ab14e478

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\7zS82518897\Newtonsoft.Json.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              428KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              746c1f0ea5a5c0a67fe96dba4e32ac76

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              cb31834984b5c7509499f0a9a5febe2e3575de78

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              9ee20b0b7e54e633eff1a25b6e379201d499552689ad29eebd5ad90f221b1386

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              b07f6032d609291f3f3d6e75abc055cbc0751c2cde4cfb4eb5ab93611ad8391e877dad92009dec70c0c2a7fb96b20cb4392a1a51634006466bca06fec36ce358

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\7zS82518897\WebCompanion-Installer.exe

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              428KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f6271b5d4729c2fd7dd9950f41d57c8b

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              b201f20d58d3d0de4edbc513b25c4af8d3790d13

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              04e8c3de51503351b4d52fa9b010aebb41d3cca46387046e8e689fbaa7063c16

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              8e4ff8ec79b154211d2b6ded28025b92c4f09e36ee160be689af986ae2aeb0f444d834b04f2c6887e757f618f1d7dfe049f8d8e6a6c460c99f79a80a1580db9b

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\7zS82518897\WebCompanion-Installer.exe.config

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              be34b448b611dc35dd383ed545e8fa96

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              6c9dcd8d936f0e39648f8fa80e7f07d9ce6f550e

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              deeba89fab938088e2e65942e93210e6e368eef6bc1ca8e8724ed43154701851

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              796bc2ee8672b64d9f5859f0b091e76de9523beb91a7c8a1aaf59be30902bb73f5d197f271d9d50ba6139b109b00f121efa11929f322af71fe9d32c683ad8c44

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\7zS82518897\en-US\WebCompanion-Installer.resources.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              6KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              e4266f63970e9bb702fded23abb07ad7

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              fb53dbbc93788d7ac3672520706195ab3eb75fd0

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              83cf07757ca5e7c3dd2a8cabc44ba246b6b6f24c3d7042ceb3fc91ddfa8c4160

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              4632e8af8c60b242d7213ec4eebfff358c59e0408e2f6d1821bd87553877e0ff4c9e874992242b303d26a2c53ac53e628674ce2ddb0dc0102e581c05f25c5f54

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\AVGBrowserUpdateSetup.exe

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1.6MB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              9750ea6c750629d2ca971ab1c074dc9d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              7df3d1615bec8f5da86a548f45f139739bde286b

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              cd1c5c7635d7e4e56287f87588dea791cf52b8d49ae599b60efb1b4c3567bc9c

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              2ecbe819085bb9903a1a1fb6c796ad3b51617dd1fd03234c86e7d830b32a11fbcbff6cdc0191180d368497de2102319b0f56bfd5d8ac06d4f96585164801a04b

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\CR.History.tmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              152KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              56be61fa4901f003a9c69b84175eb016

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              283ceca7b3d8dfb93f1a008bf663672a0a67f314

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              7cf854bc0b633554a6d0ff3945325170a3b88f87d771763413aa6e70827c9327

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              dd400f6e74698fdb35731c6b7ccddd179bdc3112a696a37b87989c8a5ec0d56857521cb149f678888ab9cfcd2d967c117e61bf2ab6e8f4df71d16d5c8f350a18

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\CR.History.tmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              124KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              6e73b3da90a32dc416b3ba7c3309f3ab

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              8e3299267499e3648e8c46784a4cc3c48ba00784

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              781c7e3ca29bdc298a46c9d75142fa615129a9c5308e25fa7d6f3e180bb56113

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              ddabd966675c9ea3e024c4a50c353593364b0c45d1ec025bd03a086e3bc86fa34641e1d57d8854afbd7567586358e07ad305402a7a8d5ebf91adc12fec32959c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\FF.places.tmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              5.0MB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              25b97815c0005fc273a7eff8e4306d35

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              9e23f75f19686261d5a3c9abfc7905bd2b8885bb

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              08eb8fb2f947cfa307191716fc503a9e547fa9104e16f16f4e706a64ac19a393

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              26e258004e766f3a1542f2a5a12ea3223dec9ac37b79e3ffee8a16326d623e57ab10f92fc9302a46dcc938511dd078b105e81b12a9872892fcbd25f0cca7b856

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\JsisPlugins.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2.1MB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              bd94620c8a3496f0922d7a443c750047

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              23c4cb2b4d5f5256e76e54969e7e352263abf057

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              c0af9e25c35650f43de4e8a57bb89d43099beead4ca6af6be846319ff84d7644

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              954006d27ed365fdf54327d64f05b950c2f0881e395257b87ba8e4cc608ec4771deb490d57dc988571a2e66f730e04e8fe16f356a06070abda1de9f3b0c3da68

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\Midex.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              126KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              581c4a0b8de60868b89074fe94eb27b9

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              70b8bdfddb08164f9d52033305d535b7db2599f6

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              b13c23af49da0a21959e564cbca8e6b94c181c5eeb95150b29c94ff6afb8f9dd

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              94290e72871c622fc32e9661719066bafb9b393e10ed397cae8a6f0c8be6ed0df88e5414f39bc528bf9a81980bdcb621745b6c712f4878f0447595cec59ee33d

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\StdUtils.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              195KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              7602b88d488e54b717a7086605cd6d8d

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c01200d911e744bdffa7f31b3c23068971494485

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              2640e4f09aa4c117036bfddd12dc02834e66400392761386bd1fe172a6ddfa11

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              a11b68bdaecc1fe3d04246cfd62dd1bb4ef5f360125b40dadf8d475e603e14f24cf35335e01e985f0e7adcf785fdf6c57c7856722bc8dcb4dd2a1f817b1dde3a

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\jsis.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              127KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              4b27df9758c01833e92c51c24ce9e1d5

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c3e227564de6808e542d2a91bbc70653cf88d040

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              d37408f77b7a4e7c60800b6d60c47305b487e8e21c82a416784864bd9f26e7bb

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              666f1b99d65169ec5b8bc41cdbbc5fe06bcb9872b7d628cb5ece051630a38678291ddc84862101c727f386c75b750c067177e6e67c1f69ab9f5c2e24367659f4

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\nsJSON.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              36KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              ddb56a646aea54615b29ce7df8cd31b8

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              0ea1a1528faafd930ddceb226d9deaf4fa53c8b2

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              07e602c54086a8fa111f83a38c2f3ee239f49328990212c2b3a295fade2b5069

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              5d5d6ee7ac7454a72059be736ec8da82572f56e86454c5cbfe26e7956752b6df845a6b0fada76d92473033ca68cd9f87c8e60ac664320b015bb352915abe33c8

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Local\Temp\nsh3C55.tmp\thirdparty.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              93KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              070335e8e52a288bdb45db1c840d446b

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              9db1be3d0ab572c5e969fea8d38a217b4d23cab2

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              c8cf0cf1c2b8b14cbedfe621d81a79c80d70f587d698ad6dfb54bbe8e346fbbc

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              6f49b82c5dbb84070794bae21b86e39d47f1a133b25e09f6a237689fd58b7338ae95440ae52c83fda92466d723385a1ceaf335284d4506757a508abff9d4b44c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.AppCore.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              118KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              e9e26816ee6dfa0d4c30357008311c01

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              d4d2f690a08f1ab85b9b02d267b8e138278f2329

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              91ca690f23473476ac201cada9527f71dae1b15f6c272398253f3f0425b34825

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              efe8d18d57b1e95c117789181f51d652eda53849872cbb5331cf5fd73955b04a08e360707d105b7901d72aeb86496baf2644111da289306c2022a7c9f5ee7440

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Events.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              136KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              b4e90ff038a9640cde9c1eb897cd2878

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              fb26404d6d6630f983d8d95eecb00cd28f1809dc

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              1884da1809e9d5b24f777524e8a9df261d3e39cdbb25846d5b594feb123abbec

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              8fb8b6f4af754c5d2333cb622a953fcc3ed2fc13b604f5f17a94271b82151466f3aac50bc52116e5cdf7269854e4e3ce323cdeeb504551439cadb5b41f4c403c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\Lavasoft.Utils.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              108KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              522a44cd2e255dff02c5e5c67a61b85a

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c8a9ec53407f729c81126dbb9db81af235b43b58

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              4649fb49605bac2da3925ba3255bbd4017f5a9115206d67de6d51d5a1035b2c3

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3ea6b1bbd0cb4b78674b58d3ad77cb5d93a6f27be5dd5a4a83feddeacd55d1b8f17a12ee7664d866e32a929debef7183e3991c53a9ad8e056721e7b70d92d252

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              3.3MB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              a89871f4fb8517d47eaf356fcba5f9c2

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              4a19ea78e1ea859447c584a4eee2fd62a1c3903f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              afc118ca9b161f9b2439a63c84a1a172d6e854540aa8a24538ac73e83a09273b

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              3574660b1156f1501d42a1406093c416237457f8331fac32419e26a8cdb6a8e582a17c0be1c960bc86206b7a12d0324b588e51ebc9a87933233507ecaec8991f

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\WebCompanion.exe.config

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              11KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              cd4e494e258c7eb0585fe76ebe9e6233

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              e93eb57e6c38e496fda92dbcb31021b34ae47cfe

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              bf61730717f05b95c4f43d425b6d7d15deac39d53e28eb302e5723c7a9b7b0b2

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              413b3727a71126e3f35551232607d95f8bd79342526c0144cbca929e6dd3e65aab56b2d1f37baafad53ea23dca4c55bdd363cd45d0c54792c3118726ea45c07c

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Application\log4net.dll

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              316KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              2354866890cf03971a066b1b0a6e2376

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              a446317cfed4875d5f6b82b507bb9097029277a6

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              83f5dfb7e27c8316ae780d39eaefe6583dfd119a4e9e556a6552df799f300e0d

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              c681e0a545812198f7a89eba33bde9fb0637a3b94b50a63980767f40279618433ed71082c7575c84d5ab1ca2f664bba573c8f3d7fe0a39e8d3229fb85158372a

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              404B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f399862f4ea59a17c22943c3e486ee58

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              85ab6a077c208397fc17636c9bc146b27f654de8

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              114f787d70b5cf81bbfdbfa30165a84fda628866cc622c0d3b7d89f8f34a0e77

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              991c63e9cfd76a7acf9ec5e161c23e26906a4b9dbfb592509f601f61e9cba1b2d5babebe3fefe254d1157183c1d771b387d8222ffc0e742eb7e602ef19778bed

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ActiveFeatures.zip

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              404B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              dc1cee56fe63eccc5c3e986a8b3fa544

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              7057b8d503f8d359e1f11c954f421d5a64552faa

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              d6b027aea1def822667f82f2c2275676657fe5e9fe4e90bd0303d62e8e69d76b

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              b9cf60973c9e5c5720a69a1c90588d30adb1b6abfcbb2ff944d249c1ebd6d8005f038280ab2685dec7e8a7d6441e0710a9e912549006d6484b7ea969a4b1bd48

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\AppSettings.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              332B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              590fd86ad024f2b655deec8333e240a9

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              f1946050248dd1aea834f139063ac8eb3e41677e

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              7afe6a8c5bf14cace6e9bb2d40df2adb5f31325fc024f448138106cf7b63f7c1

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              c19bf730552e548b6caaa27f5ff2c5b34d34ac9408b3b6e388361635ddfd4f619b9205fad76b9141f2804b8dd364cd843dcbabd4d9d7b7b712f320f6729d87ec

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\CData.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              209B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              3b6635c23ed1d500dd929e043b13b4f7

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              a9ff1f6b7bd6677d536b6fcc20e864d2840074c1

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              53cb28f2b0d8860366ca92481c848b0a25e27b5f5118363fbed69661763318d4

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              6d8900695dc941f12ca74ee4785efd4f1fc6bcf70cf792cd8256d7781d1f4d144dff3826c9d3ca63d57fc1414924f788aeaf199bdccfecd5d40386bc2b1eb1ae

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\EData.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              207B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              2618e33ab1242d879f14ba6544f0488c

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              8275e14edd7623e3b4d51058caa4a4bad5be56b0

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              1759b433ed6152b36f36a6939e6a419bbb91ff46dd7d15e57dd67dab6d10fcde

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              fb063b60e9e7ca8550f4350796352788991b669bd988b4694538b3a1ed2c08b11797187e04d2bc74ad7da0916d7f99ed471e6582edde16255de511f11966630e

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FData.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              208B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              73a7727bdf72be84806a3a5e423cd0d7

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              2b754059bc23b21f336ab82fa7ceca1133ec3b0f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              198c6f1e12e9275bdb84db4d022453781900217597f2c29b2c22a3eeaa7659d0

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              0de75ec2989f32cf3ba04587a6aca55230e1907aebd83a013a0d5c8e67975477de3371d2fc95c55be6e7358944de473ddec5d98ac94f325891f3f6d29dff1ec8

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              656B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              dab042b104b2f904977ae033f0b7fcf1

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              d779bec870dc968f01f3ebd369a6e4b6ed77fc07

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              b76d1f149dbf5f3c4479a92dd60bfb18e4d11bc1c241260bb289d4a9445fcf7a

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              5b7be87ad5e6d6c3b9ea3b8451bb08926ad82b352ce384114c047a928088eb899c06d2f385f691df8cd2e9ab3c912d865be3b2c24de030b2d57d0ff580922a01

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\FeatureActions.zip

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              225B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              94a3263bd4a3447478729d6add2c28ae

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              37716240b644954907a3f62cc45797e805e7f42b

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              5c40f3a8ab3b19a8e0b4f57f7cd21ede1ca73492d78c2303544e83347c96b8f1

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              b7fd8beecdee6e9414bc2e811a78b26ccf89ef1d44c704fee96a3f8bd24a66986f952f853eff181b412f6ccf14362ecf26d9d5bd5c739aded4f8a1b6bf41b134

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\ServicePartnerInfo.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              185B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              f870df721c17b87f2f657b2d785ee41c

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              172bb36a887ef6e082379e608ff3cb5a4ad96067

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              2ba88e860952594366808423c7031478d0c4f7cc84022cf55a19ced01a28c5ec

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              9a2d45fc711663bb6754025d5e9a5b54ad053b660d07dda621608f9f0c48d042333ba78ce4033e650f63c24676fcba36902395c9f5c93a026ae5347a71e50568

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\WebProtectionConfig.txt

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              308B

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              0cb1cc6ebd3113ffa4d08cb8e611b0c1

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              c084178a890875d41c400e8950537e1f8a58a50f

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              b578ec7cfe4cdf6690c83daa66b068fc585a8b35fc3a8722e29f2dc0fabb26e2

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              c86f4c9a16249313e1a4e0561dc6241e931c5d382a830b64e3aa9d1447734716417bc2f08e4860edc0d2945cc5091170b90039194c90985395d33a36662fffec

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              95dce32019b77df44c51df9ac6248148

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              1ff3753f39b8a4e6eb3002689db3db75f318a6fe

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              ad0da1a29dd675debcbb1d7bf239082589dbdc589ea1067d9e3cea79ddbc242b

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              f4ff61364a816fc8ec515866399d338ff6ea5e2992a49ac0f207626a52b9f4a8598d9688b40f6a93c759fd0085f9a3d45a218078b6bfd527e0f9cae4fd157f14

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Lavasoft\Web Companion\Options\statistic.db

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              2KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              77261c00dad3aac89b5ded6f63084065

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              0ca08b17fa1075d164b2b3ea34f495d211d609a5

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              4cffd9c87fb2590a706de816f0d1e50e36bc542340ac18a827d770154982c1fc

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              07db4760560a1ff3839f2f37c9928e592be3533cd61f64a3af8cd9076c43ae753486fe92208176fe0d6562df0f6de12e92d25a81c8dd68f83d4a24431ead6ace

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              8KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              09044118da8674015844dadd2821a342

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              9dcbcd2a7211d3ad8972ed561a019e2dedd6b450

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              8c5bdd0ed69ae0479c33d9b19b4d7ecf0d18b4f1d36b3ef5729e736f9f7ac07c

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              971ba6976c195a86e00690c296d9742d02f7b9079fd1c4fcc83d2b838623efed33b97377e1ee87b23df76c42655c332d566221378e9b31e126fb162dacaa54ae

                                                                                                                                                                                                                                                            • C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              11KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              34fac6457f8d78c92665a97ccb49df7e

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              ef7432dd4d0bbe1a509a008d04e75c2ca48563f3

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              001a86e6d10ed87ade8fd1e9cf0452ee87804573885565413305073de55f9c9c

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              7b3e7fbfd999c51afc9ca0b6df87b1422cabd3a095a1dcf171de93419be3dc821800022ecd34ebeed9419fad02d1d450879c0f4bac3360363fd7355a90e79e11

                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 237721.crdownload

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              5.8MB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              e126e85516c400f91c7faec6de177490

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              364d5712f99012549c4c0425bebc0c6cd6bba218

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              9742eb6f940a9bdc5a2f4323a0407ed7fc0903620a2fa3a3999a803b208ffd07

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              028e8b84b732750739a9eae771ea8706006377bf184c333ebae26ad9244e00aac769c6cde077bfe63b5e53ea7ef7fce4390e930982dc50b9cd049c0989c11f5f

                                                                                                                                                                                                                                                            • C:\Users\Admin\Downloads\Unconfirmed 831677.crdownload

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              532KB

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              2a96b4260705aa2c2316846a6d1e3aa3

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              48166dd9bb44dbe24f43e252893e8ed90e90a7fd

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              1593b737347941ab793cb2debd48fe4636bad48a3a1e4e9251b35ee8c33992f3

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              c3a785f26889f121429dc6c2dcf28f5a806347e1fac4a79fcd72d63db7882948e40a4ac0a419608b78bf7eaf086d29ac64fd164262c47a25d1c40eab9b0f12e6

                                                                                                                                                                                                                                                            • \??\pipe\LOCAL\crashpad_4816_WGWCPYEXOQGJANWE

                                                                                                                                                                                                                                                              MD5

                                                                                                                                                                                                                                                              d41d8cd98f00b204e9800998ecf8427e

                                                                                                                                                                                                                                                              SHA1

                                                                                                                                                                                                                                                              da39a3ee5e6b4b0d3255bfef95601890afd80709

                                                                                                                                                                                                                                                              SHA256

                                                                                                                                                                                                                                                              e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

                                                                                                                                                                                                                                                              SHA512

                                                                                                                                                                                                                                                              cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

                                                                                                                                                                                                                                                            • memory/3052-750-0x0000000005CD0000-0x0000000005CE2000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              72KB

                                                                                                                                                                                                                                                            • memory/3052-736-0x0000000005580000-0x0000000005588000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              32KB

                                                                                                                                                                                                                                                            • memory/3052-723-0x0000000004F40000-0x0000000004F90000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              320KB

                                                                                                                                                                                                                                                            • memory/3052-727-0x0000000005330000-0x0000000005350000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              128KB

                                                                                                                                                                                                                                                            • memory/3052-731-0x00000000054C0000-0x00000000054DE000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              120KB

                                                                                                                                                                                                                                                            • memory/3052-1018-0x0000000008D20000-0x00000000092C4000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              5.6MB

                                                                                                                                                                                                                                                            • memory/3052-733-0x0000000005510000-0x0000000005536000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              152KB

                                                                                                                                                                                                                                                            • memory/3052-971-0x00000000080B0000-0x0000000008126000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              472KB

                                                                                                                                                                                                                                                            • memory/3052-1094-0x0000000008810000-0x0000000008832000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              136KB

                                                                                                                                                                                                                                                            • memory/3052-958-0x0000000007760000-0x000000000776C000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              48KB

                                                                                                                                                                                                                                                            • memory/3052-1129-0x00000000661C0000-0x00000000661E2000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              136KB

                                                                                                                                                                                                                                                            • memory/3052-738-0x0000000005A40000-0x0000000005A7C000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              240KB

                                                                                                                                                                                                                                                            • memory/3052-719-0x00000000003F0000-0x0000000000738000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              3.3MB

                                                                                                                                                                                                                                                            • memory/3052-737-0x00000000055E0000-0x0000000005628000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              288KB

                                                                                                                                                                                                                                                            • memory/3052-922-0x0000000007FB0000-0x0000000007FE4000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              208KB

                                                                                                                                                                                                                                                            • memory/3052-868-0x0000000007580000-0x00000000075F8000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              480KB

                                                                                                                                                                                                                                                            • memory/3052-751-0x000000006B050000-0x000000006B062000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              72KB

                                                                                                                                                                                                                                                            • memory/3052-973-0x0000000008130000-0x000000000814E000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              120KB

                                                                                                                                                                                                                                                            • memory/3052-739-0x0000000005A00000-0x0000000005A21000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              132KB

                                                                                                                                                                                                                                                            • memory/3052-743-0x0000000005B10000-0x0000000005B32000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              136KB

                                                                                                                                                                                                                                                            • memory/3052-748-0x0000000005BA0000-0x0000000005BC8000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              160KB

                                                                                                                                                                                                                                                            • memory/3052-749-0x0000000005C40000-0x0000000005CAE000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              440KB

                                                                                                                                                                                                                                                            • memory/4488-1427-0x000000000B830000-0x000000000B838000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              32KB

                                                                                                                                                                                                                                                            • memory/4488-1396-0x0000000008580000-0x000000000858C000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              48KB

                                                                                                                                                                                                                                                            • memory/4488-1395-0x0000000008390000-0x00000000083E6000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              344KB

                                                                                                                                                                                                                                                            • memory/4488-1620-0x00000000661C0000-0x00000000661E2000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              136KB

                                                                                                                                                                                                                                                            • memory/4488-1132-0x000000006B050000-0x000000006B062000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              72KB

                                                                                                                                                                                                                                                            • memory/5436-589-0x0000000005C00000-0x0000000005C08000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              32KB

                                                                                                                                                                                                                                                            • memory/5436-551-0x000000007480E000-0x000000007480F000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                            • memory/5436-553-0x0000000000C90000-0x0000000000CFE000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              440KB

                                                                                                                                                                                                                                                            • memory/5436-554-0x0000000005C30000-0x0000000006248000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              6.1MB

                                                                                                                                                                                                                                                            • memory/5436-555-0x00000000056A0000-0x00000000056F0000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              320KB

                                                                                                                                                                                                                                                            • memory/5436-557-0x0000000005710000-0x000000000574C000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              240KB

                                                                                                                                                                                                                                                            • memory/5436-556-0x00000000056F0000-0x0000000005702000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              72KB

                                                                                                                                                                                                                                                            • memory/5436-558-0x0000000005750000-0x000000000579C000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              304KB

                                                                                                                                                                                                                                                            • memory/5436-559-0x0000000005990000-0x0000000005A9A000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              1.0MB

                                                                                                                                                                                                                                                            • memory/5436-564-0x0000000006940000-0x00000000069AE000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              440KB

                                                                                                                                                                                                                                                            • memory/5436-565-0x0000000006EC0000-0x0000000006EE0000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              128KB

                                                                                                                                                                                                                                                            • memory/5436-1336-0x000000007480E000-0x000000007480F000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              4KB

                                                                                                                                                                                                                                                            • memory/5436-566-0x0000000006EE0000-0x0000000007234000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              3.3MB

                                                                                                                                                                                                                                                            • memory/5436-567-0x0000000007470000-0x00000000074D6000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              408KB

                                                                                                                                                                                                                                                            • memory/5436-590-0x0000000007970000-0x0000000007A02000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              584KB

                                                                                                                                                                                                                                                            • memory/5436-591-0x0000000007F50000-0x0000000007F58000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              32KB

                                                                                                                                                                                                                                                            • memory/5436-592-0x0000000007F60000-0x0000000007F68000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              32KB

                                                                                                                                                                                                                                                            • memory/5436-594-0x0000000009D80000-0x0000000009D8E000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              56KB

                                                                                                                                                                                                                                                            • memory/5436-593-0x0000000009DB0000-0x0000000009DE8000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              224KB

                                                                                                                                                                                                                                                            • memory/5436-601-0x000000000D1D0000-0x000000000D204000-memory.dmp

                                                                                                                                                                                                                                                              Filesize

                                                                                                                                                                                                                                                              208KB