Analysis Overview
SHA256
b238f21e7e200ac3c5d608d97ddaa480e5de534adf5282619529f9ef9d38adaf
Threat Level: Shows suspicious behavior
Verdict for the file 4_pillars_record_-_for_SMHW.docx: Shows suspicious behavior.
Malicious Activity Summary
Executes dropped EXE
Loads dropped DLL
Enumerates physical storage devices
Modifies data under HKEY_USERS
Suspicious behavior: AddClipboardFormatListener
Enumerates system info in registry
Modifies registry class
Suspicious behavior: EnumeratesProcesses
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Checks processor information in registry
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-13 14:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-13 14:32
Reported
2024-06-13 14:34
Platform
win10v2004-20240611-en
Max time kernel
150s
Max time network
153s
Command Line
Signatures
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup (1).exe | N/A |
Loads dropped DLL
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\SteamSetup (1).exe | N/A |
Enumerates physical storage devices
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\Hardware\Description\System\BIOS | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133627627365787376" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3665033694-1447845302-680750983-1000\{EC502486-817A-4853-BE89-856FF9BB82A3} | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: AddClipboardFormatListener
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
| N/A | N/A | C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE
"C:\Program Files\Microsoft Office\Root\Office16\WINWORD.EXE" /n "C:\Users\Admin\AppData\Local\Temp\4_pillars_record_-_for_SMHW.docx" /o ""
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffd8c5eab58,0x7ffd8c5eab68,0x7ffd8c5eab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1620 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2308 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3028 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2736 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4352 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4480 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4640 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=3584,i,6041070687820623968,3004230300437737550,262144 --variations-seed-version --mojo-platform-channel-handle=3784 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5020 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4636 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4832 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4900 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3468 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3472 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4480 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5236 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5288 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3516 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5484 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5404 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5712 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=5864 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\Desktop Goose v0.31\Desktop Goose v0.31\DesktopGoose v0.31\GooseDesktop.exe
"C:\Users\Admin\Downloads\Desktop Goose v0.31\Desktop Goose v0.31\DesktopGoose v0.31\GooseDesktop.exe"
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x490 0x308
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5112 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5424 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5472 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5372 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4148 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5228 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=4060 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2480 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=2500 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5244 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3468 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=5456 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5876 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6364 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1500 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=6312 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5052 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
C:\Users\Admin\Downloads\SteamSetup (1).exe
"C:\Users\Admin\Downloads\SteamSetup (1).exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2060 --field-trial-handle=1860,i,1589848886232151251,5356819270870586983,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 203.33.253.131.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 4.159.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 91.90.14.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 58.99.105.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | N/A | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| BE | 88.221.83.248:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 248.83.221.88.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.179.89.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | metadata.templates.cdn.office.net | udp |
| NL | 23.62.61.184:443 | metadata.templates.cdn.office.net | tcp |
| US | 8.8.8.8:53 | binaries.templates.cdn.office.net | udp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 2.22.144.9:443 | binaries.templates.cdn.office.net | tcp |
| US | 8.8.8.8:53 | 184.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 9.144.22.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| GB | 142.250.187.238:443 | consent.google.com | tcp |
| US | 8.8.8.8:53 | samperson.itch.io | udp |
| US | 45.79.115.66:443 | samperson.itch.io | tcp |
| US | 45.79.115.66:443 | samperson.itch.io | tcp |
| US | 8.8.8.8:53 | static.itch.io | udp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| US | 8.8.8.8:53 | img.itch.zone | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| US | 172.67.69.99:443 | static.itch.io | tcp |
| GB | 142.250.200.54:443 | i.ytimg.com | tcp |
| GB | 142.250.200.54:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 45.79.115.66:443 | samperson.itch.io | tcp |
| US | 45.79.115.66:443 | samperson.itch.io | tcp |
| BE | 2.17.107.200:443 | img.itch.zone | tcp |
| BE | 2.17.107.200:443 | img.itch.zone | tcp |
| BE | 2.17.107.200:443 | img.itch.zone | tcp |
| BE | 2.17.107.200:443 | img.itch.zone | tcp |
| US | 45.79.115.66:443 | samperson.itch.io | tcp |
| BE | 2.17.107.200:443 | img.itch.zone | tcp |
| GB | 142.250.200.54:443 | i.ytimg.com | udp |
| US | 45.79.115.66:443 | samperson.itch.io | tcp |
| US | 8.8.8.8:53 | region1.google-analytics.com | udp |
| US | 216.239.34.36:443 | region1.google-analytics.com | tcp |
| US | 8.8.8.8:53 | 66.115.79.45.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 54.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 200.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | tcp |
| US | 8.8.8.8:53 | yt3.ggpht.com | udp |
| GB | 142.250.180.1:443 | yt3.ggpht.com | tcp |
| GB | 142.250.179.234:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.212.194:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | 36.34.239.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 194.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.179.250.142.in-addr.arpa | udp |
Files