Malware Analysis Report

2025-04-14 03:37

Sample ID 240612-s4sb3atgrq
Target http://scratch.mit.edu
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

Threat Level: No (potentially) malicious behavior was detected

The submitted sample is a URL, http://scratch.mit.edu, opened in Chrome; the verdict for it is: no (potentially) malicious behavior was detected.

Malicious Activity Summary


Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: LoadsDriver

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of SetWindowsHookEx

Uses Task Scheduler COM API

Checks processor information in registry

Enumerates system info in registry

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of WriteProcessMemory

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-12 15:41

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-12 15:41

Reported

2024-06-12 15:43

Platform

win10v2004-20240508-en

Max time kernel

149s

Max time network

151s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://scratch.mit.edu

Signatures

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Revision C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
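The two tables above are the registry reads that fire the "Checks processor information" and "Enumerates system info" signatures. Those keys (CentralProcessor\0 and BIOS under HARDWARE\DESCRIPTION) are read both by sandbox-evasion code looking for a hypervisor name and by ordinary software such as browsers and crash reporters, so the signature only means something together with the reading process. The following Python is an added triage example, not the sandbox vendor's code: it parses rows in the report's format, copied verbatim from the tables above, and separates reads by a known browser from reads by an unknown binary. The final row (a hypothetical updater.exe in a Temp directory) is constructed to show the case that deserves a look; the browser allowlist is an assumption based on the install paths shown in this report, and a real pipeline would check the Authenticode signature instead of the path.

```python
"""Classify registry reads from a sandbox report as hardware fingerprinting.

Added example; not the sandbox vendor's code. Rows are copied from the
report's "Checks processor information in registry" and "Enumerates system
info in registry" tables, plus one constructed row (hypothetical process).
"""
import re
from collections import Counter
from dataclasses import dataclass

REPORT_ROWS = [
    r"Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files\Mozilla Firefox\firefox.exe N/A",
    r"Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Update Signature C:\Program Files\Mozilla Firefox\firefox.exe N/A",
    r"Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\VendorIdentifier C:\Program Files\Mozilla Firefox\firefox.exe N/A",
    r"Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Mozilla Firefox\firefox.exe N/A",
    r"Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~Mhz C:\Program Files\Mozilla Firefox\firefox.exe N/A",
    r"Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A",
    r"Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A",
    r"Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A",
]

# Constructed, not from the report: an unknown binary in a user-writable
# directory reading the value that names the hypervisor vendor inside a VM.
CONSTRUCTED_ROW = (
    r"Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer "
    r"C:\Users\Admin\AppData\Local\Temp\updater.exe N/A"
)

# Report rows are "<op> <registry path> <process image> <target>"; the lazy
# match on the registry path stops where the drive-letter process path begins.
ROW_RE = re.compile(r"^(Key opened|Key value queried) (\\REGISTRY\\.+?) ([A-Za-z]:\\.+?) N/A$")

# Registry locations that expose CPU and BIOS/system vendor strings.
FINGERPRINT_KEYS = {
    r"\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor": "cpu",
    r"\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS": "bios",
}

# Values that typically carry a hypervisor name when read inside a VM
# (e.g. "VMware, Inc." as SystemManufacturer, "QEMU Virtual CPU" as the CPU name).
VM_REVEALING_VALUES = {"ProcessorNameString", "SystemManufacturer", "SystemProductName"}

# Assumption: readers we expect to touch these keys (paths as shown in the report).
KNOWN_BROWSERS = {
    r"c:\program files\google\chrome\application\chrome.exe",
    r"c:\program files\mozilla firefox\firefox.exe",
}


@dataclass
class RegEvent:
    op: str       # "Key opened" or "Key value queried"
    path: str     # registry path; for queries the last component is the value name
    process: str  # image path of the reading process


def parse_row(line: str) -> RegEvent:
    m = ROW_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised row: {line!r}")
    return RegEvent(op=m.group(1), path=m.group(2), process=m.group(3))


def classify(ev: RegEvent) -> dict:
    """Say what the read tells us: fingerprint category, whether the value
    can reveal a VM, and a coarse verdict that depends on the process."""
    category = None
    for prefix, name in FINGERPRINT_KEYS.items():
        if ev.path.lower().startswith(prefix.lower()):
            category = name
    if category is None:
        return {"category": None, "vm_revealing": False, "verdict": "ignore"}
    value = ev.path.rsplit("\\", 1)[-1] if ev.op == "Key value queried" else ""
    vm_revealing = value in VM_REVEALING_VALUES
    trusted = ev.process.lower() in KNOWN_BROWSERS
    verdict = "expected" if trusted else ("review" if vm_revealing else "low")
    return {"category": category, "vm_revealing": vm_revealing, "verdict": verdict}


def triage(lines):
    """Count verdicts over a batch of rows and return the ones worth reviewing."""
    verdicts = Counter()
    flagged = []
    for line in lines:
        ev = parse_row(line)
        result = classify(ev)
        verdicts[result["verdict"]] += 1
        if result["verdict"] == "review":
            flagged.append((ev.process, ev.path))
    return dict(verdicts), flagged


if __name__ == "__main__":
    print(triage(REPORT_ROWS))                     # every row from the report: expected
    print(triage(REPORT_ROWS + [CONSTRUCTED_ROW]))  # the constructed row is flagged
```

All eight rows from this report classify as expected because the reader is a browser at its standard install path; only the constructed updater.exe row is flagged, and it is flagged because SystemManufacturer is a value that names the hypervisor in a VM, not merely because the BIOS key was opened.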

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133626804828738769" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1181767204-2009306918-3718769404-1000_Classes\Local Settings C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A (10 identical entries; no process, driver or indicator is recorded for this signature)

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (23 identical entries)

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (32 entries)
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (32 entries, alternating with the SeShutdownPrivilege entries)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (64 identical entries)

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (64 identical entries)

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\Mozilla Firefox\firefox.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1952 wrote to memory of 2748 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (2 entries)
PID 1952 wrote to memory of 3100 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (31 entries)
PID 1952 wrote to memory of 3036 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (2 entries)
PID 1952 wrote to memory of 1424 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (29 entries)
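Every WriteProcessMemory entry above has the same source and target image: chrome.exe writing into other chrome.exe processes it launched. A browser parent seeding startup state into its own freshly created sandboxed children is the ordinary reason this signature fires on a browser detonation; the case that matters is a write into a process running a different binary, which is the process-injection pattern (ATT&CK T1055). The Python below is an added example, not the sandbox vendor's code: it rebuilds the 64 rows of the table above with their repeat counts, parses them in the report's row format, groups writes by source, and separates same-image from cross-image writes. The last row, chrome.exe writing into a notepad.exe with a hypothetical PID, is constructed to show what the flagged case looks like.

```python
"""Triage WriteProcessMemory rows from a sandbox report.

Added example; not the sandbox vendor's code. REPORT_ROWS reproduces the
report's 64 "Suspicious use of WriteProcessMemory" entries with the same
counts; CONSTRUCTED_ROW is hypothetical and not in the report.
"""
import re
from collections import Counter, defaultdict

CHROME = r"C:\Program Files\Google\Chrome\Application\chrome.exe"


def row(src_pid, dst_pid, src_img, dst_img):
    """Build one row in the report's own format."""
    return f"PID {src_pid} wrote to memory of {dst_pid} N/A {src_img} {dst_img}"


# Rows as they appear in the report, multiplied by their repeat counts.
REPORT_ROWS = (
    [row(1952, 2748, CHROME, CHROME)] * 2
    + [row(1952, 3100, CHROME, CHROME)] * 31
    + [row(1952, 3036, CHROME, CHROME)] * 2
    + [row(1952, 1424, CHROME, CHROME)] * 29
)

# Constructed (hypothetical target PID and image): the same parent writing
# into a process that runs a different binary.
CONSTRUCTED_ROW = row(1952, 4120, CHROME, r"C:\Windows\System32\notepad.exe")

# "PID <src> wrote to memory of <dst> N/A <source image> <target image>";
# the lazy match on the first path stops where the second drive letter starts.
ROW_RE = re.compile(r"^PID (\d+) wrote to memory of (\d+) N/A ([A-Za-z]:\\.+?) ([A-Za-z]:\\.+)$")


def parse(line):
    m = ROW_RE.match(line.strip())
    if not m:
        raise ValueError(f"unrecognised row: {line!r}")
    return int(m.group(1)), int(m.group(2)), m.group(3), m.group(4)


def triage(lines):
    """Separate same-binary parent-to-child writes from writes into a foreign
    image. Returns (counts by kind, target PIDs per source, flagged writes)."""
    kinds = Counter()
    targets = defaultdict(set)  # (source PID, source image) -> target PIDs
    flagged = []
    for line in lines:
        src_pid, dst_pid, src_img, dst_img = parse(line)
        targets[(src_pid, src_img)].add(dst_pid)
        if src_img.lower() == dst_img.lower():
            kinds["same_image"] += 1
        else:
            kinds["cross_image"] += 1
            flagged.append((src_pid, dst_pid, dst_img))
    return dict(kinds), {k: sorted(v) for k, v in targets.items()}, flagged


if __name__ == "__main__":
    print(triage(REPORT_ROWS))                     # 64 same-image writes, nothing flagged
    print(triage(REPORT_ROWS + [CONSTRUCTED_ROW])) # the notepad.exe write is flagged
```

On the report's own rows the result is 64 same-image writes from PID 1952 into four child PIDs and nothing flagged; a same-image check is the cheapest filter for this signature on browser detonations, and the cross-image branch is where the real investigation (what was written, and whether a thread was then created in the target) would start.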

Uses Task Scheduler COM API

persistence

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument http://scratch.mit.edu

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc93d0ab58,0x7ffc93d0ab68,0x7ffc93d0ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1596 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2140 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2200 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2900 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2904 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --field-trial-handle=4152,i,16488180140590516186,11762960689811837350,262144 --variations-seed-version --mojo-platform-channel-handle=3812 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4696 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4108 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=3136 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4596 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4588 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=4464 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4592 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5004 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5380 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4648 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5624 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5532 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5760 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5632 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5836 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5952 --field-trial-handle=1744,i,18270283273682954203,16300787945476849974,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc93d0ab58,0x7ffc93d0ab68,0x7ffc93d0ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1976 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2308 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2960 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2976 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3612 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4536 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4440 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4132 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3284 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4564 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x254,0x258,0x25c,0x230,0x260,0x7ff69792ae48,0x7ff69792ae58,0x7ff69792ae68

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5144 --field-trial-handle=2036,i,10024820346146809234,6542734846149354606,131072 /prefetch:1

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe"

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.0.2048307198\1949269163" -parentBuildID 20230214051806 -prefsHandle 1824 -prefMapHandle 1816 -prefsLen 22076 -prefMapSize 235121 -appDir "C:\Program Files\Mozilla Firefox\browser" - {c2c7b67f-4583-462f-b1b2-4193dffc011f} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 1900 1523df24058 gpu

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.1.1031740539\572842556" -parentBuildID 20230214051806 -prefsHandle 2456 -prefMapHandle 2452 -prefsLen 22112 -prefMapSize 235121 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {b617d2cb-e2a5-4e3e-98a5-ef7c8724cfd2} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 2468 15231289358 socket

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.2.1669777001\511841334" -childID 1 -isForBrowser -prefsHandle 2840 -prefMapHandle 2828 -prefsLen 22150 -prefMapSize 235121 -jsInitHandle 1300 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {c7c4a47c-eeed-42a5-8dce-eda502520ead} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 3036 1523cf95358 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.3.729816243\176164893" -childID 2 -isForBrowser -prefsHandle 4220 -prefMapHandle 4216 -prefsLen 27616 -prefMapSize 235121 -jsInitHandle 1300 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {6c331ca3-d181-45a0-9429-d362c1aaeb9b} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 4232 152431db858 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.4.1839368015\937651727" -childID 3 -isForBrowser -prefsHandle 4936 -prefMapHandle 4944 -prefsLen 27692 -prefMapSize 235121 -jsInitHandle 1300 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ebd218a4-cd35-4410-a0cb-55bdacb12c73} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 4984 15244e48758 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.5.1272979918\448608281" -childID 4 -isForBrowser -prefsHandle 5004 -prefMapHandle 4940 -prefsLen 27692 -prefMapSize 235121 -jsInitHandle 1300 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {ed44a79d-0f09-4f64-ae00-5cd62db9ca2f} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 5108 15244e48a58 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.6.17929394\1934906426" -childID 5 -isForBrowser -prefsHandle 5316 -prefMapHandle 5320 -prefsLen 27692 -prefMapSize 235121 -jsInitHandle 1300 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {79eaf561-4f0e-4c35-a91e-6e04d6caa0c6} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 5304 15244e49058 tab

C:\Program Files\Mozilla Firefox\firefox.exe

"C:\Program Files\Mozilla Firefox\firefox.exe" -contentproc --channel="3748.7.1588301739\1065801549" -childID 6 -isForBrowser -prefsHandle 5660 -prefMapHandle 5656 -prefsLen 27692 -prefMapSize 235121 -jsInitHandle 1300 -jsInitLen 246560 -a11yResourceId 64 -parentBuildID 20230214051806 -win32kLockedDown -appDir "C:\Program Files\Mozilla Firefox\browser" - {f6635ac9-ebc0-4587-8014-979c581e0c1b} 3748 "\\.\pipe\gecko-crash-server-pipe.3748" 5672 152431f8858 tab

Network

Country Destination Domain Proto
US 8.8.8.8:53 scratch.mit.edu udp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 scratch.mit.edu udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 contile.services.mozilla.com udp
N/A 127.0.0.1:50187 tcp
N/A 127.0.0.1:50195 tcp
US 8.8.8.8:53 push.services.mozilla.com udp
US 8.8.8.8:53 push.services.mozilla.com udp

Files

\??\pipe\crashpad_1952_EAJJDDKEUWEUMLFA

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2df6f38f1a4e76daeac5387ecc5dc2d7
SHA1 bf1d3aebdaec0796c94ae01900c5f56ed51bd976
SHA256 a145401079bf852424f4f59799a283f965df68b9cc020f4228603ea05d2a2598
SHA512 de1ac8cb1dd8461aefc519fb746c88f1a02f7387f154f9b3778032ac62f51d8513962ba16b7b1e89d39c1888dfb7968c915b74a61b3e27094b8e531d0b1a5ca7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8f6096c5-676a-4016-8f3d-26a193787acf.tmp

MD5 959f23c59747b2c05005c61a5e26da31
SHA1 6212400263692ec585ea2455cc390648804b0c0b
SHA256 256970e5212e7920255ecd8af6fc72c08c51789553330135ad76759a96b0d2b7
SHA512 8d0d526bcceba0bdad98e0b1181732d1331236e10e269f8afda0195aaf0c032a438ecd08e675a9bd6be0c45d9830c06402b653fb5fc880b515ecfcd0b1936a5b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 47c4a8d39db969a70e56462bf748e7ab
SHA1 c75bbaffbda1779a7879e57c663e628a7ea93bbf
SHA256 87575db418094d5fe55394ef7b30a0dce1b75e99f36f5f6c6463d3c94001513b
SHA512 b9656b558b54f6356c49f72ca6c378680ec73421b9f4d8b890b3b7e8d72bdaebe80e0316b2a70774fe0fa5efb8c5f25014c009518d9776c1687668d65c7b1341

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 cffe5cf2135e00ade8552e6f8e77253f
SHA1 70be021eb13452731790bfdf20aa940cf78d1ef1
SHA256 5a13a9da74a0c7d0e3f610a7530cff5c6af897a5214523755e26f431617118c5
SHA512 ce21cf92f7048bfc90eee64985a00681b8b3410fcf85da42167e19278a8aa9ac02ca1e9c0f419380eacead57d80b9bda7aaceedea8a01a2336866b8c86f4648e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a30c566d5947e3828767d744adea944b
SHA1 05408cb3c4e64cd686fdb8e8f427f2df0773b457
SHA256 e30c4abb686ae4102df335414d558d2129ee404616e61af7e428b772e5d00833
SHA512 facdb244d188d8e6f5b91663bb7d54d3ca51561a5952bd55f6add2cce67d6cf7045d8c936835855e89c4a9ea2f3304aca4728fca269580b0307970cce51e1e0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e35002d6eb56f9846cdd56a703bbc1f6
SHA1 b35cb2e6f4e61e839d5e651bb331987606c3e59e
SHA256 458b635040c8c7cb7c56e4fb66a67d8ceec7830455c1588fbf1dbcee3c4c0ba0
SHA512 f2684118b9778603d8fb31ebccb0e841ce628cdee59c647b2386708f65e4befc4cec729d880f4dd21d7c3c4cf62c8ae7799f8ec110289ed0b7922bd18646cf57

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1c7840b6eb4546cb32a0bda55544c8b9
SHA1 ad521d2e480b59b464e5415066d58164ab133812
SHA256 1371d83c29197bc6dc4db7724be563cf17f6b81f9184a2978de89f09835ce08c
SHA512 f791853ac67e59b2920b998d7c3156260044f2b636a7e19dae52c497d7e99fd6903e3fcfd938297d2b1e46e3b8fae509214cbd2d1bf9718b07bd52e1efb7f2f0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 1dc47d258278b5e60c984a8c14a5a5c3
SHA1 ca592de8c966e536179ad0a6ddb7cccb5e394e0c
SHA256 6af92c5503ef715b2b50644f3a837083e6692c49b85497e8a08ad886d2bb9ab8
SHA512 987b923c4c94f691cbc1813f0ac9bf57ed80c75c07bcab799134db37c1c9a672121c5d4649fdb93818d49c55acb975ccf78d781b7ab9d3fcd0e32192606673cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 e646991f9b7863013f4543e5deea2d49
SHA1 7d3ab1c249b15c5bc5761baef819fa96b043539a
SHA256 0cc277125b5bd55a7c42e32f351b5bce3ca6003f28bc0646db5bc6b9b5135c07
SHA512 8b7b264f086ee2d1c1ec1199307d6511ce964890e84312a1c12c21a0a1fac24d6bf005a2ded820ecae3b51b58229a8ce724e98e40b03e1f93d3914948025a76f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

MD5 b0381909e3021cfbc889a74a35761709
SHA1 c25a1a6676999dbcc2ca0078f3441330d17a4df0
SHA256 022220770aa204942b9889432edc30b92bd39e54d2123c7c7bcddab795d3cc86
SHA512 7641ca7a12133397c354aad3c157ea97e39d3e06dcf01fca522ecbb5a3308329edfc1e645f9f9577463222af2994594f9d94acf685d494fd56f37b8c47a5cc01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 80f87a5803a0f86216086e0ea9a4860b
SHA1 07bca3d3bf291e555779d50a3ff2615d26e03de2
SHA256 b784c42627cec0944d2b07e1bf12399fe588df67ccc867c9f2bf78765edc8fba
SHA512 17a38b57fd97941cf8c83fc59dce9ebe62d4be571b23da9d1973e19dabd8274de8174921a656a71fd3ccaa20faede289351f219639f330c10a6710e2bc663a17

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 0fc27cfd66ff52511c7107f98b0e43ad
SHA1 76a6381632e9e9c89a28b2dfff04085820f51ec1
SHA256 3a2a02da0d508ce639cd4a2f9a0b4fd29f1117490add1abd0fb239074bc6b391
SHA512 69b8eff674613a4752810c7cdab6d3b6c00daa18e554eb1b4dace6f70c22757ab6ad29875b88e2f0bb1cbdf80c949220e9645c1f72559127cebc943a92aceb3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 8b901343dad93059b72ea12467ab1dff
SHA1 057874ea556a4041e1cc7cb8233ff2138d9c1a93
SHA256 b9e9e34bd123bb695f448f97ec30065259677b2865818814fa4193c573c86dbc
SHA512 fa6ed2cd0b1929a9ca623fd47f16ab41f60464526a93068c7fa595e2953c00d282deafbfc49b4d43732cfd2636cc8dc1b4650ecc59f69d90a4d37d840041af93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

MD5 8cf36eed480121c6c7636ee094ad2bbb
SHA1 361bbf8e2024d143ed646e0b92324b7a558cd972
SHA256 bce3912339beb2e846ce189259ef7fc80587a6a0bd29012e7b8e29426ec6f6f8
SHA512 d564f7a930642b60f3cbee53797438e57e704019eb9e080c73369633c99201ef5ef89970551ab98ca50c07c29db71abd3b5a900973ae4f73e38f09bb2949864a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13362680523374368

MD5 8301a3c3dcf9f2e54f1b19a851123647
SHA1 bb4efbb8e431a706d475a904a7fc937de7952455
SHA256 3affe7efb85250c2644b4dae9530714f56e5db640f80b1e90ac317630d6d23ea
SHA512 5b8ef059fc15f2dbb63aa90ee7e9ef6074906f76b22f75b3c8cc6dc781df70043a67362a102808c3f21ea9693980e5549042de206e36d427e5f23941309e2c87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 32fcb8245390820dcb55c9367bd1fd81
SHA1 da4ced4ce6b325b8561631086cd2a23a899dd242
SHA256 35b65006c9e9fdcaae2ab305eade6e1eac84c192807c585b736340f1031f2f88
SHA512 972e7b588d6f009f67b2bcac70832457903ee45258dcbc199ac7c8fb1fd9ac6d4bfedba925f01424e2ce96c186944d96181094730114726eeab8151d647fabe2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 80ab4b0fd0ab0f920fb3dd8f9a12aa3e
SHA1 5f1bce14ee585ad34fa349a2f4ddab91167df21d
SHA256 186653a3b4db3c2bf3e35352273c3b58b8398e083f7e4c3fa6c3f2efab864451
SHA512 84f896f88e64b2a6bf584d5509da51ec966b33ffc9f27a6e310da209918827ed4ccb7625c72969d307534c6ad8953ea5dec76acce53032e53092cb22d764ea49

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

MD5 8a30a1fdd0459d9ea8b1e78a8e636856
SHA1 9d7225e97f9cfcfb225cfbfd0b0bba21d4efdd20
SHA256 88fe1d31608930f2738d102d45c75dc77acdf01a1b69bfb7e7c0281575b75e33
SHA512 b529bce870cd8165bf82f3ebf94f07552467bd0993b9d35145182e54e26fb2ae8e7bb167d88267b632757e2146f27dfddf8867db0c66e5dcc306db12ec6b7bef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

MD5 a833518304aad90e652f7e4f6e8f63d3
SHA1 c54149a17eb6e228065aa6980781fc00b973ffed
SHA256 a1783912e1306f8a9156119f3ade05006741b42703d097fac7b59c1ebb417f6f
SHA512 0fea7e05aa08cdc7c58c52b793da87341d7d5d24ee35088143177b0a641347a195b985e694d1a0bdd0c7f45ab6c53f4e5e836b2478f8b63aba760e032c52a5ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

MD5 d23c15762438601be07c9cb1fcf593c8
SHA1 a73bf4b34d4eb016c01c3589c696adfa1188c809
SHA256 3c402aef40c7afa484902158af0f08343f77ff99e75f69b02da2a2e65c48a114
SHA512 bcb61aba0607122417a53ea699a9992931381f26bf614eed576bf3b7921138a692a0d121265df9c3d8b90cc770b1e6f1e2dc3df05d7fe2f4614516c364a75c78

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

MD5 eb93b775f86b9d5f0982f864b2081f6b
SHA1 d071c02b8450facb8bcf4d9236264c62e9d34a52
SHA256 f443cfb03b9b79a2bfbccf32feae68191d5f50ffec2a01989659de30155cd0e3
SHA512 58b5ae71abc10a777469b1d6577d5fa87be5b8749ca7d41dbfc5eba063b4b54970f4cc01595735ffbf4d1622d571dcf85e56776f680515ccd5ab82bdcb52060b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 693827e6078643dfb0d0a5f7d4d9c520
SHA1 a6a1ca17f4e1411780cdb35c603d9909fbda1cbe
SHA256 3c620ff1c7a298446bfc777a547aa3e689cdf7562cd0e5393c35827e68bfb000
SHA512 0e889f8b6697a967de652ffe70a1dfd094668d90e8eab5a9ecba368dbe95b78c2cfdf8ed7e9eef8befc1cf0636b79308aa2452908476c26e36892d2773d6b500

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 c95edcb37cf5e573c2597990a604db1b
SHA1 047993cc01e7242693ee957ecca6f3452ce524f7
SHA256 5f731f0b19816e89947a44afed9e01f12aa2e031f89aa923e7f343d511bab29d
SHA512 98f774ff850b698aaf5412cd91158a461b14656dc26c213b046be1abc9183a9dbc876fc4f6fd8df31de6df8f04a53fa16a92576ae12161865b70ceffa47156a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 b53d9b5c0689a18b8b9583f03e4a2597
SHA1 cbbcdc0b0f181d72bdcaeffb51b6a663e2a44da8
SHA256 535353af4fb1fc6021fe8618a74cf03491954d1c563389efd139b986d97a9e0d
SHA512 ea762d76784d6805482a2ecb2312eca6c23d09c545dec4a9568de7780154ff5981bfe7aeea05a154d2948ad30a60e8c2afafbe58e7f913e1eb30f505c93cef69

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 5204a18c65e33392e3e55d2b05d18d11
SHA1 1e219b31fe9754d5307b30b6d8e29190df3fdcbe
SHA256 340d950fc837f6252f659825d6e161aecfc655c4d2d623538f92c0ab2842aaa9
SHA512 baaac7108f5a026270bb649d9d3fcecf863c381a4280b1cae337e86dbc466579345e6cc184bdf30060296c6f2ed2c997448f000de513877296816e8c3a5f8b44

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 304a94de9dfa6ecaff937c9285a4cdcf
SHA1 7d284ae083b2593efe65d7db2995b34afe6ebe0c
SHA256 2269be8bd8a9525b1846f0e540d00b8aa41bdec2d26585f970c1ccaf45cd8fec
SHA512 69cbc1944e136b6e1804fe1362a5415fafb0bfcb74e719dab2dd153098cbd4318fd194f5012b3df3c5da520f879a8061b0dcc84c6c133fdde5c606c44af1c186

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 bb74023ca94ab19444f95a2ab2470a71
SHA1 37ab2dc816b072502ad5fc9d0c21e60ed7bdb491
SHA256 18b7b26be7f9840cc44c6c0f7284019022ced6e4e5ef67105e033007363147b7