Malware Analysis Report

2024-09-11 09:20

Sample ID 240611-zqvzcs1epj
Target rblx hacks REAL.rar
SHA256 be449362ee5003c6a1b6f73a7d3ef1b2d5b67c9eb57e317ab672df32fa8cf366
Tags
discordrat persistence rat rootkit stealer
score
10/10

Analysis Overview

score
10/10

SHA256

be449362ee5003c6a1b6f73a7d3ef1b2d5b67c9eb57e317ab672df32fa8cf366

Threat Level: Known bad

The file rblx hacks REAL.rar was found to be: Known bad.

Malicious Activity Summary

discordrat persistence rat rootkit stealer

Discord RAT

Discordrat family

Executes dropped EXE

Unsigned PE

Suspicious behavior: GetForegroundWindowSpam

Suspicious use of WriteProcessMemory

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-06-11 20:55

Signatures

Discordrat family

discordrat

Unsigned PE


Analysis: behavioral1

Detonation Overview

Submitted

2024-06-11 20:55

Reported

2024-06-11 20:58

Platform

win7-20240221-en

Max time kernel

117s

Max time network

118s

Command Line

"C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\Client-built.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Processes

C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\Client-built.exe

"C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\Client-built.exe"

C:\Windows\system32\WerFault.exe

C:\Windows\system32\WerFault.exe -u -p 2316 -s 600

Network

N/A

Files


Analysis: behavioral2

Detonation Overview

Submitted

2024-06-11 20:55

Reported

2024-06-11 21:13

Platform

win10v2004-20240426-en

Max time kernel

1049s

Max time network

1015s

Command Line

"C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\Client-built.exe"

Signatures

Discord RAT

stealer rootkit rat persistence discordrat

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\rblx hacks REAL\Client-built.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133626129912642712" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\Client-built.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\7-Zip\7zFM.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1540 wrote to memory of 2932 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1540 wrote to memory of 692 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1540 wrote to memory of 1536 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1540 wrote to memory of 4992 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\Client-built.exe

"C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\Client-built.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7ebaab58,0x7fff7ebaab68,0x7fff7ebaab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1788 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2244 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3128 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3160 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4428 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4576 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4612 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4628 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1744 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3116 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3252 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4448 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x494 0x1f8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4516 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2432 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4740 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5176 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5372 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4948 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5252 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5208 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\7-Zip\7zFM.exe

"C:\Program Files\7-Zip\7zFM.exe" "C:\Users\Admin\Downloads\rblx hacks REAL.rar"

C:\Users\Admin\Downloads\rblx hacks REAL\Client-built.exe

"C:\Users\Admin\Downloads\rblx hacks REAL\Client-built.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5612 --field-trial-handle=1944,i,5228683407648101928,18130556357954108106,131072 /prefetch:2

C:\Users\Admin\Downloads\rblx hacks REAL\Client-built.exe

"C:\Users\Admin\Downloads\rblx hacks REAL\Client-built.exe"

Network

Country Destination Domain Proto

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 55574d271574e69b37275375ff210322
SHA1 41ccf1f555d5d2ee0beba6d2850f336b9a676988
SHA256 aeb851abd8cad6fd73530c5c42aeec0560c0d3607d85563cef71e121dd1f4c31
SHA512 293ad3def39e05c53625b93290da971b8afb57775d7f3a493d6e29c7a302b298e92035d346dea427f38b046fb7f94c5b76e71acb5501b2948abfff07fcfd3587

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 5e8c7dacdff893a13c17ff5a118cd304
SHA1 b99e155938b568deee8dac2d3b620ee8e529e54f
SHA256 72ab994dbb47d2cd1ffcf36545bfca32a929ebd4ffcad0bcfd713321dbf3e920
SHA512 70ef3d95aa5368831d1a7e78b219b367075c592c0c31ce3bab53b59aa656559d20daa9dc1db09936f761e76242460cc45bee86cae1e872991efc92c85b910263

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 04ac79e72b621e3ba68555e6bb390ae2
SHA1 a67a1f8f5d0b41a9aba4f96c7856c8d965ec7e5d
SHA256 8eefa0df1525bfff6028bbba393dbadb2ab76db03c30f96e9b28abd4c7113029
SHA512 9a0df69a2ed6241a1f9391e322840e05b7cf598a0895f342ff2fabaad2e81cfbba9c8d94407bdafd98a6f888d95274da87e5e1bf9a00a15801807a50445e8467

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 9e5fa034d7816b7cf0884b9f6352aca7
SHA1 6a19b949154c52717a7ffb42a5ae174f04556826
SHA256 88c190532a8456a0f40b9ba8ce7d65ebbf3bf222c54d53388a34aedf2e4e1151
SHA512 5238e8704108c5d4a07cc682d345e29d3092ae94ecc022f7c1633b51cb3bc25ff3f3dbf0ce35433ecf7a898173d1f1dc14eb7d4965ce0b51a655895cb4458d75

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003a

MD5 01a5168b5249b9c6518157300322042d
SHA1 d9fe3183d341c4ed8f18da0a49bac0f5e76e5f62
SHA256 c2548e614f50f86610238b5729d27b36e49fcd7a832c9ff5493b8a770c44d3b8
SHA512 cdfb3c535257f8ed5d13dd16512a4e9100013674a08f862541c23e09da421da454fec130a003cc91166d6cd366236de5dc8e85100334b21b3c657e0ce60c75fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003c

MD5 2b9904c87bd1421b5c77fd11789136b8
SHA1 2f8d760400dbc6f6f74437845588043d29dfb9ed
SHA256 6cf8c52d1b441fbe906c461859ae7c7665776051e31e6d3ba8e34928af4aa1b2
SHA512 c09904b15997daf5d0fe777953b696de45535ba18883a3082c943a068a12b364851d7fae2313041398e75d63e7cfe204829724b836b6866f1dd13cfa9460ee64

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

MD5 0132f66c516a8c23cca529d8b04274ba
SHA1 a46d7692220dc33589ef858f9a78af9f08395aac
SHA256 a98b3d62983722353251784532ef19195cb57d74270a7e5b5521a8f093ba1f14
SHA512 2b09906305a45a4c45a6585394d3e7ead2bae2a2e3b36cef8efefa05dbcffaff753c53b0b82aac2b7009b0c08a3f0dfdaf715e90a3a4d35788f70fee8f05691c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003d

MD5 c21837f7e385a8489a517f9f36160c41
SHA1 85990e5ddb1144f8d7090acd8516dfccbf0381d9
SHA256 4c19fa371cb9d5cff7d84b5ce25e96740e5c9c37bcf59a3c3099b51b99827ed6
SHA512 d1a67d34d375b2e2f90ffdf65d1e5aac235927a21ced3003dd2ecc2d046525149c7bf6f96f12c43f53b554e8df093ba1ebcc1091e31f2620f751f755892a79e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d3eb8fba256e5cbd_0

MD5 3799d8338470270ee9363fe3c9f6edd6
SHA1 5ca60c2564b6b5f1f05f9a97bb45a35dc4a9c45d
SHA256 7e74a0666936ae244fb691a33a20870ea1954e7b75955d0ba46b53ae9314ec76
SHA512 5667ef886053437b61add744e3f33e82407937f014504dbd3e45a3224f780eecaaee600a99ddb2ecc8ade4fd320d496957dfe1a7523c576556416dd05480b9d9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9ae01db7bdde946e_0

MD5 fbb345dd473e2d73d7714f6a85ef0124
SHA1 23cabf8501a71c1bc991f25053ba0e9fff5fd240
SHA256 d658373e5586b0244d0a8db93219ab6e1a68d9f189f108a6b892c36e2feab993
SHA512 64bcc9152a97ab4b9bad39281b3df7bc84d3f2139ebbae1d4e5a4ce8e5f0bece08a471629ed234867494037ebb18e1a4b7024e35f09f3012dbec07bea19f04cc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 992f3827bde526742e3ec652781d7863
SHA1 8549c5336712092aad43a1d657ec9192211ad632
SHA256 3159f381ee9c7b14a7d6f8f1d98bc2d964226e362d571149f2e44870562e9940
SHA512 1a5318dbb6d41853b6656b14365161beaed3a88742cf55d5ef53d060b684da2d3ae2cc24471a6f54f2276179b9827d075acf478a18e726bda8167af44e761423

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 374640e2cc9770dad72c78bc169aa580
SHA1 a7592c02d6b7c36b45f0f2e5da76691525cc53a7
SHA256 04da161dd1a47693ee761ffd36f2ca38b443b53f091c125d1a3070cffc263a08
SHA512 e10c492f090e111097ffbd6281285b25f3be9b009fcb8258eecb340a9445fbe09bb71d32fa0c90e64fa07b49bf14eda3f1b28d338157530ffdb9aad086e2a514

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9ebfa31439045156af3aab5f49b7f682
SHA1 3e7c35d309200784e134e22a3d5648fb178c65a1
SHA256 3846cc1ecda095e5af752235cf344cbbf14bb22fd8a907b1791c1ce31174aa37
SHA512 24073503b2aa576a2c6850bf31f1ba08d0eb5a853140864641fbfe858be539295374b8ccf1498a78748159f3d9ee316d78654a096c1ce622554f0781ea3f705c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 464954776635cc892a3b8df99c77bdfe
SHA1 5a15599504de1535010f08a339d3d0ba5ff6295a
SHA256 0b836b45efb2ffa2a2952a3a62b9b0924e3ed45cf0e23fb3ed97f5fada35f977
SHA512 5c3758a8ef5496f15038daca1b298a9836c1ba206c0c84ea92cc817dd73cd1e07277cbf9a81e363c59d49856bbeae137c8997a54ae0db1906f48c485c0c249c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 59867d1fb120ecad10b92415f9decf68
SHA1 a8f06fde0622dc25beacce38045673eebc7ead2f
SHA256 df5551ac82af8bd0a956f3c340b7b045884cca03b0fced0e69ac50a84bb660c2
SHA512 92653b18bfa565cb18c14f3ffa8648921cae50b9a7e5e2a3606ba81900d1fb3137a91fcbd20025a65a1addf41a69c5b3beb55f9fde97130b2d866176132a46e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 055434a6f881819587280142ec837517
SHA1 ab126fab2a3d856d300c278700e7c2dbfe889974
SHA256 5527bd5601a48f4dfcf98963011e43d1f5ba51ddc0140c580164eed91afaad57
SHA512 b46301aaf46b6b49e2bc2001e0dea6050484c777b09dd3ee0bcda3f651b393259d798be715b13e8c0ca53a2c3bd99905e1e1d2d71c19e364781f935b13891c4b

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-11 20:55

Reported

2024-06-11 20:58

Platform

win7-20240221-en

Max time kernel

118s

Max time network

120s

Command Line

rundll32.exe "C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\dnlib.dll",#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe "C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\dnlib.dll",#1

Network

N/A

Files

N/A

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-11 20:55

Reported

2024-06-11 20:58

Platform

win10v2004-20240508-en

Max time kernel

147s

Max time network

149s

Command Line

rundll32.exe "C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\dnlib.dll",#1

Signatures

N/A

Processes

C:\Windows\system32\rundll32.exe

rundll32.exe "C:\Users\Admin\AppData\Local\Temp\rblx hacks REAL\dnlib.dll",#1

Network

Files

N/A