Malware Analysis Report

2024-10-10 07:27

Sample ID 240614-11ssesxgnd
Target 60_free_config_drop_ni9neware.rar
SHA256 bb2c1c7361d1e6d46fe769c7252e069b6757bb2e245164f5ec84a8b58d0b0617
Tags
score
3/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
3/10

SHA256

bb2c1c7361d1e6d46fe769c7252e069b6757bb2e245164f5ec84a8b58d0b0617

Threat Level: Likely benign

The file 60_free_config_drop_ni9neware.rar was found to be: Likely benign.

Malicious Activity Summary

Enumerates physical storage devices

Suspicious use of WriteProcessMemory

Modifies data under HKEY_USERS

Modifies registry class

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-14 22:07

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-14 22:07

Reported

2024-06-14 22:10

Platform

win11-20240611-en

Max time kernel

150s

Max time network

151s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\betacfgsemilegit_9_1.cfg

Signatures

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133628764830631498" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings C:\Windows\system32\cmd.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2198854727-3842442895-2838824242-1000_Classes\Local Settings\MuiCache C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2198854727-3842442895-2838824242-1000\{579180AE-4B3A-41C5-8746-68FE0AAB8D4F} C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target Count
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 32
(the two rows alternate in the detail list; 64 entries in total)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target Count
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A 28
(one identical row per call; 28 entries in total)

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target Count
PID 1608 wrote to memory of 492 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 1608 wrote to memory of 4456 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 31
PID 1608 wrote to memory of 2324 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 2
PID 1608 wrote to memory of 3344 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe 29
(one row per write; 64 entries in total, all from the chrome.exe browser process PID 1608 into its own child processes)

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\betacfgsemilegit_9_1.cfg

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff85042ab58,0x7ff85042ab68,0x7ff85042ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2084 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2192 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3080 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4244 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4252 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4548 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4468 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4792 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4672 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4900 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4864 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4080 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5004 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=2548 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4080 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4800 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=4964 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4388 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3092 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4888 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4336 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=5112 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4528 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5404 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5548 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=3240 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5952 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=5764 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3440 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=4848 --field-trial-handle=1828,i,9124783097001249641,18083662918612279141,131072 /prefetch:1

Network


Files
