Malware Analysis Report

2024-07-28 07:17

Sample ID 240612-tlm53a1dkb
Target https://bu-card50.ru/50
Tags
score
10/10

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://bu-card50.ru/50 was found to be: Known bad.

Malicious Activity Summary


Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Enumerates system info in registry

Modifies data under HKEY_USERS

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-06-12 16:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-12 16:08

Reported

2024-06-12 16:11

Platform

win11-20240611-en

Max time kernel

149s

Max time network

151s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://bu-card50.ru/50

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2244 wrote to memory of 4408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2244 wrote to memory of 2248 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2244 wrote to memory of 876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2244 wrote to memory of 2000 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://bu-card50.ru/50

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc2ff2ab58,0x7ffc2ff2ab68,0x7ffc2ff2ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1612 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1852 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2160 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2952 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2964 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4300 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4456 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=4536 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4472 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4504 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4468 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4648 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4640 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3056 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4692 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=3400 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=4584 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4500 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5056 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5048 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4632 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1936 --field-trial-handle=1976,i,14749432118702539376,15912329958150873591,131072 /prefetch:2

Network


Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 2851ca647dd1ac8dfaedad6d7a7bd7a0
SHA1 164ac1b212fda56051affaf29d8cc3972cb4f3f4
SHA256 1fdcc3a1a836ed6ba083a3fa635b7b8e2965866bf619b07ec9d1eeb76a72de5e
SHA512 fcb55afd3b050b17eb87910b22dba4bb728c4fcc14f07aa9f954db07c56f2d8c6b6da94828954f119504ffaa0d119814d93e0fcf91326f5d686e2ada5d73550c

\??\pipe\crashpad_2244_IWWXESUACMSQGEUQ

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe58cf22.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000057

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
