Analysis Overview
Threat Level: Likely malicious
The file https://turbowarp.org was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Checks computer location settings
Executes dropped EXE
Writes to the Master Boot Record (MBR)
Legitimate hosting services abused for malware hosting/C2
Enumerates physical storage devices
Modifies registry class
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Modifies data under HKEY_USERS
Suspicious use of SendNotifyMessage
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Enumerates system info in registry
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-06-15 08:56
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-15 08:56
Reported
2024-06-15 08:59
Platform
win10v2004-20240611-en
Max time kernel
150s
Max time network
150s
Command Line
Signatures
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| Key value queried | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | raw.githubusercontent.com | N/A | N/A |
| N/A | raw.githubusercontent.com | N/A | N/A |
Writes to the Master Boot Record (MBR)
| Description | Indicator | Process | Target |
| File opened for modification | \??\PhysicalDrive0 | C:\Users\Admin\Downloads\MEMZ.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133629154502845310" | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3665033694-1447845302-680750983-1000\{FED33DD8-7A14-4DB5-8588-FA8A337A2A84} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key created | \REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-3665033694-1447845302-680750983-1000\{BDAE5531-FE96-4EBA-800C-EFE4E218B439} | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://turbowarp.org
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=16 --field-trial-handle=4064,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=5016 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=15 --field-trial-handle=3852,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=5092 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=17 --field-trial-handle=3384,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=5332 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=5396,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=5500 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5356,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=5644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=5980,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=6032 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --field-trial-handle=6036,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=6184 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x378 0x3a4
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=22 --field-trial-handle=6156,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=4272 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=6800,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=6720 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=24 --field-trial-handle=3856,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=6872 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=25 --field-trial-handle=6900,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=6932 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --field-trial-handle=7060,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=6604 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=27 --field-trial-handle=7080,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=6672 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=28 --field-trial-handle=7200,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=7224 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=29 --field-trial-handle=7108,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=7252 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=edge_collections.mojom.CollectionsDataManager --lang=en-US --service-sandbox-type=collections --field-trial-handle=7480,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=7492 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --enable-dinosaur-easter-egg-alt-images --disable-gpu-compositing --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=1 --renderer-client-id=31 --field-trial-handle=7388,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=7468 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.FileUtilService --lang=en-US --service-sandbox-type=service --field-trial-handle=7804,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=7820 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --field-trial-handle=8020,i,11069752405888604640,8928124405695604965,262144 --variations-seed-version --mojo-platform-channel-handle=7956 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=125.0.6422.142 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=125.0.2535.92 --initial-client-data=0x23c,0x240,0x244,0x238,0x260,0x7ff95ed54ef8,0x7ff95ed54f04,0x7ff95ed54f10
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=3200,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=3196 /prefetch:2
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --field-trial-handle=1964,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=3388 /prefetch:3
C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\elevation_service.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\elevation_service.exe"
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --field-trial-handle=2288,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=3644 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=3328,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=4536 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\identity_helper.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\125.0.2535.92\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --lang=en-US --service-sandbox-type=none --field-trial-handle=3328,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=4536 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff977acab58,0x7ff977acab68,0x7ff977acab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1776 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2196 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2304 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3140 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3020 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4424 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4580 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4400 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4212,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=4784 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=entity_extraction_service.mojom.Extractor --lang=en-US --service-sandbox-type=entity_extraction --onnx-enabled-for-ee --field-trial-handle=5096,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=5144 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4596,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=5184 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4948 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5076 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4668 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5568,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=5584 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --instant-process --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5560,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=5620 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --pdf-upsell-enabled --enable-dinosaur-easter-egg-alt-images --lang=en-US --js-flags=--ms-user-locale= --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5600,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=5840 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4748 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:1
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=4764,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=5108 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --field-trial-handle=4784,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=5484 /prefetch:8
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --field-trial-handle=4888,i,1811923708392294953,10813327340655211156,262144 --variations-seed-version --mojo-platform-channel-handle=3156 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4676 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4520 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4472 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3356 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5268 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5344 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5592 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5300 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4564 --field-trial-handle=1956,i,18078100761355403690,15358961208258356964,131072 /prefetch:8
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe"
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /watchdog
C:\Users\Admin\Downloads\MEMZ.exe
"C:\Users\Admin\Downloads\MEMZ.exe" /main
C:\Windows\SysWOW64\notepad.exe
"C:\Windows\System32\notepad.exe" \note.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ff977acab58,0x7ff977acab68,0x7ff977acab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1748 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1880 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2264 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3048 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3056 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4352 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4544 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4672 --field-trial-handle=2028,i,2115762891261559945,3873903069713092962,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | turbowarp.org | udp |
| US | 8.8.8.8:53 | turbowarp.org | udp |
| US | 8.8.8.8:53 | turbowarp.org | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| US | 172.67.134.124:443 | turbowarp.org | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 8.8.8.8:53 | business.bing.com | udp |
| US | 13.107.6.158:443 | business.bing.com | tcp |
| US | 8.8.8.8:53 | 8.8.8.8.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 124.134.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 56.104.245.94.in-addr.arpa | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | bzib.nelreports.net | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| SE | 184.31.15.40:443 | bzib.nelreports.net | tcp |
| CZ | 2.19.217.218:443 | www.microsoft.com | tcp |
| NL | 23.62.61.155:443 | www.bing.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| GB | 51.140.242.104:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | www.microsoft.com | udp |
| US | 8.8.8.8:53 | 22.160.190.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 76.234.34.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.205.248.87.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 40.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 218.217.19.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 155.61.62.23.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 104.242.140.51.in-addr.arpa | udp |
| US | 8.8.8.8:53 | trampoline.turbowarp.org | udp |
| US | 172.67.134.124:443 | trampoline.turbowarp.org | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | c.s-microsoft.com | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 8.8.8.8:53 | edgestatic.azureedge.net | udp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 13.107.246.64:443 | edgestatic.azureedge.net | tcp |
| US | 172.67.134.124:443 | trampoline.turbowarp.org | udp |
| US | 172.67.134.124:443 | trampoline.turbowarp.org | udp |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 204.79.197.237:443 | g.bing.com | tcp |
| US | 8.8.8.8:53 | 237.197.79.204.in-addr.arpa | udp |
| NL | 23.62.61.171:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 8.8.8.8:53 | wcpstatic.microsoft.com | udp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 13.107.246.64:443 | wcpstatic.microsoft.com | tcp |
| US | 8.8.8.8:53 | 26.35.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.61.62.23.in-addr.arpa | udp |
| N/A | 224.0.0.251:5353 | udp | |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | r.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| US | 8.8.8.8:53 | th.bing.com | udp |
| NL | 23.62.61.171:443 | th.bing.com | tcp |
| NL | 23.62.61.171:443 | th.bing.com | tcp |
| NL | 23.62.61.155:443 | th.bing.com | tcp |
| NL | 23.62.61.155:443 | th.bing.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| NL | 23.62.61.171:443 | th.bing.com | udp |
| NL | 23.62.61.171:443 | th.bing.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| IE | 40.126.31.69:443 | login.microsoftonline.com | tcp |
| US | 8.8.8.8:53 | login.microsoftonline.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 8.8.8.8:53 | services.bingapis.com | udp |
| US | 13.107.5.80:443 | services.bingapis.com | tcp |
| US | 8.8.8.8:53 | 80.5.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 69.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 0.159.190.20.in-addr.arpa | udp |
| US | 172.64.154.167:443 | www2.bing.com | tcp |
| US | 8.8.8.8:53 | 167.154.64.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.109.133:443 | avatars.githubusercontent.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.109.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| US | 140.82.112.21:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| US | 8.8.8.8:53 | 133.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 215.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 154.109.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 210.156.26.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 8.8.8.8:53 | objects.githubusercontent.com | udp |
| US | 185.199.111.133:443 | objects.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | dl-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | dl-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | 133.111.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 228.69.165.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 171.39.242.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-mobile-static.azureedge.net | udp |
| NL | 23.62.61.171:443 | www.bing.com | tcp |
| US | 13.107.246.64:443 | edge-mobile-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | 35.15.31.184.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 21.236.111.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 234.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
| US | 8.8.8.8:53 | 238.179.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| GB | 142.250.187.238:443 | clients2.google.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| US | 8.8.8.8:53 | api.edgeoffer.microsoft.com | udp |
| IE | 94.245.104.56:443 | api.edgeoffer.microsoft.com | tcp |
| GB | 142.250.187.238:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| US | 8.8.8.8:53 | nav-edge.smartscreen.microsoft.com | udp |
| GB | 172.165.69.228:443 | nav-edge.smartscreen.microsoft.com | tcp |
| US | 8.8.8.8:53 | ogs.google.com | udp |
| GB | 142.250.187.238:443 | ogs.google.com | tcp |
| US | 8.8.8.8:53 | ssl.gstatic.com | udp |
| GB | 172.217.169.3:443 | ssl.gstatic.com | tcp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 8.8.8.8:53 | edge-consumer-static.azureedge.net | udp |
| US | 13.107.246.64:443 | edge-consumer-static.azureedge.net | tcp |
| US | 8.8.8.8:53 | 3.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | consent.google.com | udp |
| US | 8.8.8.8:53 | github.com | udp |
| GB | 20.26.156.215:443 | github.com | tcp |
| GB | 20.26.156.215:443 | github.com | tcp |
| US | 8.8.8.8:53 | github.githubassets.com | udp |
| US | 8.8.8.8:53 | avatars.githubusercontent.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 185.199.111.133:443 | avatars.githubusercontent.com | tcp |
| US | 8.8.8.8:53 | github-cloud.s3.amazonaws.com | udp |
| US | 8.8.8.8:53 | user-images.githubusercontent.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | 154.110.199.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | tcp |
| US | 8.8.8.8:53 | collector.github.com | udp |
| US | 185.199.110.154:443 | github.githubassets.com | tcp |
| US | 8.8.8.8:53 | api.github.com | udp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| US | 140.82.112.22:443 | collector.github.com | tcp |
| GB | 20.26.156.210:443 | api.github.com | tcp |
| GB | 172.217.16.234:443 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | 234.16.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 22.112.82.140.in-addr.arpa | udp |
| US | 8.8.8.8:53 | raw.githubusercontent.com | udp |
| US | 185.199.111.133:443 | raw.githubusercontent.com | tcp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | tcp |
| GB | 142.250.179.238:443 | play.google.com | udp |
| GB | 142.250.179.238:443 | play.google.com | tcp |
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | fe2f94ccae76dc46862feb3a084cc564 |
| SHA1 | f178b203b8ca3f2d2f6f704ad0dc97fd1661455c |
| SHA256 | f28013684ce7be638167ad1bd73817d7fe3ad6cfd733e5f8b993bb458b313c20 |
| SHA512 | ed5520cbd3684eb965b7ba68863d0908420d11163805169773261a4141eaff1a49686580e9b238c69c60e340a808df1e8ae78aa591b7b2e462fed7eff932c638 |
\??\pipe\crashpad_4792_PGDWERZTVDAANZHW
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\DualEngine\SiteList-Enterprise.json
| MD5 | 99914b932bd37a50b983c5e7c90ae93b |
| SHA1 | bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f |
| SHA256 | 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a |
| SHA512 | 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | 7df69059ad7ecd30603cc79d88d8fb45 |
| SHA1 | ac9fc869214e08560988167d3045dd7b55d8f42b |
| SHA256 | 0f91681071f3a2b93ba7539701851383e9e7186ba69eded5f0770dfdbf3f08da |
| SHA512 | 0c0178f947d553e0f7a3c310380ff2039f13ac5897c5610d4f95ac118cc4fa121626f3ffdc9bb9469bd69c73291c234124589091071a2f9de6b602dcae046399 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | be43f8fc39c2d190259e1de0d25315ec |
| SHA1 | 173cd4b5a84cc6ec59ac621abdcb7b4f27b9ce08 |
| SHA256 | a6f516df7ff7bb59d929687dd1899ed55f021f104da22603bd317f9d3d23348e |
| SHA512 | 6b3f8bd3dbc8b4194682492402beec9fcdc26a94742ed0c0ea3b4d45f70a5c6f51dfda1b504fe338ca80f7108f26ef93383c64e543003348e95142589fc7535c |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\80502ab4-b042-4850-89c2-08f9d0575178.tmp
| MD5 | 2edbd484491cdb551181ebf990765541 |
| SHA1 | fcfaac4db2b271ce55e1cd56d8a9d18cf26fbd18 |
| SHA256 | 94cad322d2bd07e116e616cc624361974640c0e07dc61eeea2ea19090adf881e |
| SHA512 | e0636b37cc645aec760d3922be9809a3057486895739c365af14333254de796bba68b027845089d365ae67347904015ab1c32411e775c680e2933a7b71c2b749 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\12acd505-def7-43a6-bd16-956a3417648e.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | fc41c2682d7217df58a65aa236031a0f |
| SHA1 | 8c094c2731482dddb689ec4f74083ebaf8a0a692 |
| SHA256 | 869ed8cfe5ce2698eba9edb2bce0e6de22ad75d0bc4bbcbafeef9a9866cc5c9a |
| SHA512 | ed93384730786a434109c28f9d94ce1bae5daee5cf7470ad8ef6dd837b4a5dd9303f1809e3a02d9368cb94a2d09e9723508c92911e748281ba0d86b0c889c43e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d35b3117ef5554bd1756fcd93279613a |
| SHA1 | 8e07e598d1db5150a9edf869f7ecbe9b100b8c59 |
| SHA256 | b9d64ccbb4be9a5b0f966368adcef26881064dda6baae927439798f7464243b8 |
| SHA512 | 96e07681a35f05883d0da55b133875cfcd2ef4b0cdf69aa02752cca609383cea1f1f9c46fa24c1c1d660c2c0fabfb878823da66d57bf206db7c1bb8fba5bb13d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 428e1d9f93e4e6681a9d67e18dcac978 |
| SHA1 | d6a830f56d1c3b8d3962da007e2f6ff377dca290 |
| SHA256 | 2dd51945dfa6539978ca773749f3ab8c90ca09c1d683ab544d1f04c60dc58946 |
| SHA512 | 4d8e09beed399674cf1175aab573b3a401c1bb620809ffbe881d316416a061d1822cebbada40600dd95be7bcc9a6c14e587822ddc7a4f4937f8928d7e634cfc6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | e3b6bf33c76ff6a3d97530740cd2ab55 |
| SHA1 | 7be23d533d04fff41dab8b03fe333c37d5b36be0 |
| SHA256 | 150c0e23f7d3e6c632fe9c5fa5c38d410d42b89234c1f165f89991e3fc35fd3c |
| SHA512 | 6bdb65a01eec22700b1b83fdfa347d7c521d3d6c88abdfff7fdd1feca677c8e79f35eb17a0ce10d7d340d31492a5f79e197b526d2f7d42333219c8a226c7372e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | a0b4f571d143f0d054f1472c9c1f485f |
| SHA1 | ff7f18fc3c1386d6a64e6ecfc4db99fe5d23b5ae |
| SHA256 | 3598c89997770f601de5e955d87139c63b82349779166192e4e62bd0cc83af31 |
| SHA512 | 487b75af9ab0b3d0660c478fc3b1d1498290212dad28851263770b673f2440b702e263d6011c2096e2779454452bfe7ed32dd6f535c8c69e2410bdab3d6870c9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | b798734fc95a566288f37635d03a1924 |
| SHA1 | aff89e920116ecdcf2a4d68a43a6cfb2c5b3682f |
| SHA256 | f2665fd229c829845dc312cdcc9bcfc75d085a652b424dd4cd89804495639a77 |
| SHA512 | 56ecdbfce19cf624766297f072c90b8c465383110df30271abe2cea15c8a469182f8f46c53800268014b630302c9747b5228d08d3aec39b34a2d49ab0be09bee |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 18e1ee8e30faa2d2b5863cd02e12aae2 |
| SHA1 | 5fd5c22b412fb9fddbba5d8f95aab10c623750f8 |
| SHA256 | 3870f37bb6b9022b9b1e1a9c45c78397b086f91fe194dee34ea170b3e4b7d37a |
| SHA512 | 6d241b7897caa92d7e95f08495c5b2caf603cbecbd52ea5ca0528bf7defd315aa87232c80fd9fd5f7aa3d23f3134585d3c0f85c5ef2be28eb7b7c42dc45bf354 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7691bf5f878acb9d37c28880b260122f |
| SHA1 | 547bb8d1281a11247e3992f6018def0ffa536202 |
| SHA256 | 1b8cf62c13adad600ee3cdaa219e3bfb277eebb5b3e1bf464cd91032ec695f53 |
| SHA512 | 728c4daaa16d6657c8aa61bd80ca77f56eaf774404c2d60d58b427dbebce5e0a7e69c32160841f8feafef2e421cac8162cea80da4e36c7bb7fcc1ff334da0ab1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 3c960b6539087b83fe4cb7a056e44c3e |
| SHA1 | d4572feb9b7e8c8c24b2f63574d960545f4a33b5 |
| SHA256 | 3ba7ddfd13f32b5c3e387e95cb7216589045cfde440aa0e346a190ed53e4ff02 |
| SHA512 | 1fcf89f1e6e8c8131cb67a3234a837c406a69f649c59ba6ef644c7fee16d91fc071ae3d450c85376408dec024ffd458c29f1ad058e0339dcfbe5629d963ee9e6 |
C:\Users\Admin\Downloads\MEMZ.exe
| MD5 | 1d5ad9c8d3fee874d0feb8bfac220a11 |
| SHA1 | ca6d3f7e6c784155f664a9179ca64e4034df9595 |
| SHA256 | 3872c12d31fc9825e8661ac01ecee2572460677afbc7093f920a8436a42e28ff |
| SHA512 | c8246f4137416be33b6d1ac89f2428b7c44d9376ac8489a9fbf65ef128a6c53fb50479e1e400c8e201c8611992ab1d6c1bd3d6cece89013edb4d35cdd22305b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 38cf0085fc755a566b1609d1706d0d4b |
| SHA1 | 9886ab30ab0b5055a8bb3e6d8117784585893143 |
| SHA256 | 9ae5859a736a2f3198d281c3f684feb3a67e39346b4584c4688122804878faee |
| SHA512 | ae51e0a6b5719e56fa49253acb9d13322db90e3856ccc0417aaf0aef2571a9fd1c37f9308dddbb371f02bf8cf225546894a737e3b9525264879a5e760d1df7cc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | bc88b0226b864cf1f0c88771bf2436e0 |
| SHA1 | 235487173bca71df5d8148523be1a07e90b1b0e0 |
| SHA256 | c72ecda624c15b4c8db125655c67780228e8eb4b372cd7ab1f7383e2e410abf6 |
| SHA512 | 21ef5acb5d23b3894f56503c9c1bb33b5eb12b8090573d880f98627cf38920c333de1200e106cdd4540bdf7a971ce57c209dbebf8959a022c678b81cd4340954 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 8b28833cbdaf0f98f862f4b8d5ce49a8 |
| SHA1 | 8455fa9c5811b9a518ef701a675f5c8534210097 |
| SHA256 | bd8f2e849dfd96980deb580ffd43391fc56af9e7f2e3ed7a33968bab82e7592b |
| SHA512 | 5ef871d64612ef0815e9a9f1fa3e292a3975b391c2edde63aa5bcb3afc0e42d3ec4cfb8e6010d34617ed2c1da241985e76425c96c4e2aca18cf92e29fbbbea76 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | f2fcf83ed55fa7540654e6061ab5dc94 |
| SHA1 | 32414edd58a5517a10faf966cf9c603cf655f1df |
| SHA256 | e199bd076a65ba9861e5b9006ea36647496ac5d2deafbcac3f3db77dd8ad9b4c |
| SHA512 | f03b280ab3e8e9830a9995970f3eb2c3238ceace4817c8a488f28008fdccbac913b56984062290ed7f6b647ec47c06d3dab41cc750b6a4dc10248fad36669ff3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | c662023dfba6b83b349fa7b78f6a4abc |
| SHA1 | 73248a5c4b66a7571941f9eb2146829943d2e315 |
| SHA256 | ff4c63925b2723d8dc7072920178c5b82eb5a22c76a96895a222cb88205dcaa9 |
| SHA512 | c5a448256b34386590f191371dcb0a1076b7334cf8d4ab75cdbc42948dcfcf89f2cce9b354edb96eb607621975b973eda861ee6fbf4b1de8c38022936ffba966 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network\Network Persistent State
| MD5 | b16746f80ab9d606e8c4714030830255 |
| SHA1 | 66ead14e069795cf816d3d4dc1c0e73020bfce87 |
| SHA256 | 326403ad88f6eff9b2a1e5bcb9789812f82c7abcb9718f39f040b271c374d2f5 |
| SHA512 | 439ba630e7fbf7fe1bbaab1f2f4f0ce1e8ccd55675274cea8846c7e167043bc7dd23dddc3780d165f6f0ad138676ca8f802014dd9843a128e92a8daaffe3ec61 |
C:\note.txt
| MD5 | afa6955439b8d516721231029fb9ca1b |
| SHA1 | 087a043cc123c0c0df2ffadcf8e71e3ac86bbae9 |
| SHA256 | 8e9f20f6864c66576536c0b866c6ffdcf11397db67fe120e972e244c3c022270 |
| SHA512 | 5da21a31fbc4e8250dffed30f66b896bdf007ac91948140334fe36a3f010e1bac3e70a07e9f3eb9da8633189091fd5cadcabbaacd3e01da0fe7ae28a11b3dddf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
| MD5 | 64d7569e7e9cd59b61724e5ca8024d2b |
| SHA1 | 7e567c8f3a278f528fd7d85d462cce4e56bb8e79 |
| SHA256 | 8adde9c0e5b89d0b9041d73f1c9ef531e668cdc1d020e7625e45f7063569ab1c |
| SHA512 | b4425d6dea07aaa95039db3491ace66ff0e4e64232309b2c7dfe29200823454c3f91391db09b01b83edeb298dd3a9ff1dd0198c13230763553160e5a2607efb2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
| MD5 | bc6142469cd7dadf107be9ad87ea4753 |
| SHA1 | 72a9aa05003fab742b0e4dc4c5d9eda6b9f7565c |
| SHA256 | b26da4f8c7e283aa74386da0229d66af14a37986b8ca828e054fc932f68dd557 |
| SHA512 | 47d1a67a16f5dc6d50556c5296e65918f0a2fcad0e8cee5795b100fe8cd89eaf5e1fd67691e8a57af3677883a5d8f104723b1901d11845b286474c8ac56f6182 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
| MD5 | bea29fdcdfc28e50ff3332ff430173ca |
| SHA1 | 094af7fb566393d68845b1dc638b9f100d11703b |
| SHA256 | 120c1b9e904b9fa92bf095fc046e1aa849b0146c4be6ce49d5b7e5462718425b |
| SHA512 | 5666e93dff50f6043728112e32ceaa70132fb31d0d343e2f08a780c06f1c313ed99b09f20defdf49e5ae672d80545e74b2479fb5c62d264714a281cfda86e2f8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | 0e56a115eb931a803f4be3d36f13672c |
| SHA1 | 5a1ff3f9606be496239d50fbf6e4c2ae6978e0eb |
| SHA256 | 8ba6257330b6f767a5aaaea11ca9de941057b196a816eecc82f03cd56abac2e4 |
| SHA512 | 092eadbf5a17e57885ddc84d0c2fdca822f92d2052d1951607f508e08bc466f430b10b7d22a2858cb4d17b06a9a52d5119e4fc6eeb816c486268f52b621a0fbc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | 3c9eb2abc59562777e053713fac6b6f4 |
| SHA1 | 41fd043bfdd10923a44c694e580d0eae50e0b209 |
| SHA256 | e7e3bba86bb285ecba5d4cae38d52ac292487f2394dcf3604d38dd7fa86c9440 |
| SHA512 | 1aab5b9609c3b5147a1d6bc2cfd1890d7ee5d0c4d574b548049c289ed29454d9db9d10bdbb21bae57067a7307c74d704cebde49005671e77ac4871b074966edf |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | f9b284fd2d587bd15e3bbd8f5ea95cef |
| SHA1 | e471e5a7d116184b4971e6c42b3aa924d7a3fc85 |
| SHA256 | c7480683c6542f6a406500334ce3ba16644139a29c9db26afdcff14522906002 |
| SHA512 | c7a340f0618f1049e38af5cba2039c766edef4a5972a59aebf2177d3d66b24dd8c2572523fb334d54091a167863492317a339b5756286e3a91b678957d891fda |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
| MD5 | 009b9a2ee7afbf6dd0b9617fc8f8ecba |
| SHA1 | c97ed0652e731fc412e3b7bdfca2994b7cc206a7 |
| SHA256 | de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915 |
| SHA512 | 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c
| MD5 | dd242f4737b2737ecad98bc2028b544a |
| SHA1 | 065a4e6f50f16e5986df7f582d4839e59c4338a4 |
| SHA256 | cc8950f8d690094464d97041d919cab9ec3af790437c6e3febb754e245171cd6 |
| SHA512 | b393c7f0da53d9ae875743cb564b223b2031767844db1de296b6e652492bc29f8e19bae002b66e987c00b11009ac7df0bff7a36d661f7846e8bd8c9a0957a272 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b
| MD5 | f0c27286e196d0cb18681b58dfda5b37 |
| SHA1 | 9539ba7e5e8f9cc453327ca251fe59be35edc20b |
| SHA256 | 7a6878398886e4c70cf3e9cec688dc852a1f1465feb9f461ff1f238b608d0127 |
| SHA512 | 336333d29cd4f885e7758de9094b2defb8c9e1eb917cb55ff8c4627b903efb6a0b31dcda6005939ef2a604d014fe6c2acda7c8c802907e219739cf6dab96475b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a
| MD5 | a208ef431109f211b3785db791af5de5 |
| SHA1 | 693f78f8d336ffccf1424001c5295585257f1e58 |
| SHA256 | c1f0e3d84b0261d2253819800d33f9dd50d678ef634f542f6ea155b52ccbd956 |
| SHA512 | 6e49111428e62c4eeae943a5087f33d44b8d0b85562c1f5b89e76caa06de4c9edd7a1fccbe07a960ece256f8a015f9a13d825978c96a902d3e3d4c56465041de |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009
| MD5 | 87c2b09a983584b04a63f3ff44064d64 |
| SHA1 | 8796d5ef1ad1196309ef582cecef3ab95db27043 |
| SHA256 | d4a4a801c412a8324a19f21511a7880815b373628e66016bc1785a5a85e0afb0 |
| SHA512 | df1f0d6f5f53306887b0b16364651bda9cdc28b8ea74b2d46b2530c6772a724422b33bbdcd7c33d724d2fd4a973e1e9dbc4b654c9c53981386c341620c337067 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008
| MD5 | bb738ce85941bd77a72cdba423f8a240 |
| SHA1 | 2005093fe8c394d9e18d954e0c9dddb974991378 |
| SHA256 | 7ecaa1b1ee68a78e8ec1d0fad57cf18d2edf4b9b149aa6fc8272585a8364c69c |
| SHA512 | 9ee323cd3b91e197a26dde4e40f1f9b8df91af8ae3b38e749bc58277e23bd5f0bf4119297febddb7e829d6cfc6f936afdc680c43ed50b5f018dbf633beb68eb5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | 387ed93f42803b1ec6697e3b57fbcef0 |
| SHA1 | 2ea8a5bfbf99144bd0ebaebe60ac35406a8b613e |
| SHA256 | 982aac952e2c938bd55550d0409ece5f4430d38f370161d8318678fa25316587 |
| SHA512 | 7c90f69a53e49bad03c4cefd9868b4c4ba145e5738218e8c445ff6ae5347153e3a2f2b918cbe184b0366afd53b984634d2894fea6f31a4603e58ccb6bfa5c625 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | a52fc2e39001aa4ae74c3f8e6501ad51 |
| SHA1 | 68c5cc872b5c873b85b472ee81f61812d5adaa0b |
| SHA256 | 8ff6f8494a64f2af01e5c03460d13c3fd50318acc003282f994d43fc17d6052b |
| SHA512 | dfbe8646a6db853a68a7e1ecb13c603d246c5086f4b2ab15c052ec081a38e2c0265f1cb113b3329f4ae42771c3300db39f60484f651b472d809fa96a24b1046b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
| MD5 | 4be1e3ddf50f2689343be4678e824989 |
| SHA1 | 5bf898eb7d402d5e25a6d126c845906b6afb918f |
| SHA256 | bf9ee4d1875ce58454160246d5c74c1ac064a7da41ecedbbcc121f3caa963e97 |
| SHA512 | e8d7686fb54d0ef4e6081383a3fe6ba026be88684dac9418a4549267dd382f09e29c8c4c5ba2a6282e850b545e7e857f0c4cc0d7ce0d5e700d79875a0c5f3fe3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
| MD5 | 1c9218c432058c256fa08c1b025ffb39 |
| SHA1 | 3900c49048d26aff0db8ab4f7df5aa1fbd501350 |
| SHA256 | 2d6b068c1980aecbc11f6025e2acfe0407ae88fe53032d1b0fc3669080f1c195 |
| SHA512 | 98f3de9b571de451fcafa0fb4d77d40516f39a8d8854048e5f9d6af1dd26d94cfe2ff2213a14a90f40c1600132d6da8d65c1aed3a301f8336b8924d80e967cb1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
| MD5 | 612f1bcd644a1598f44b16bc7a2b4dd4 |
| SHA1 | f1278195f546e3caa02e34a741e0d28d04b395c8 |
| SHA256 | 459649d29b55e17c2f332bb24426407179def30d593d013aa77f34ca6a0b2b48 |
| SHA512 | 4568ae221c84b6af4f3f55d1fd2f81fdc8bae538d9d5171aa6c959ed5051b4fd3c21944c77db0c03504db0b25c05d7da0193bd38659d1d201076f07293a64f29 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Favicons
| MD5 | 017cbe0e09c46bb07b57591142294363 |
| SHA1 | 4d1ff1c969edddd8f88f4763e2702863afc60657 |
| SHA256 | fa3a410a2e224425d62e1679193b727810ad0f294b3b2d3d3bf0a66455b9d9a8 |
| SHA512 | a40aaf21023e14332a675fc76ad6da6cd8a0db16a20fcc14d490c476436201aecffd41dc0d6310715180d46909300664bb4775a20ad04fcedf42ca408491f4b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 85f00729e8237114696abc10d4b2586e |
| SHA1 | a7d29f295ccdcf919affa1d2d87044bc0ad3c3d8 |
| SHA256 | 98d8ea4aeaf019faca7686ae340ff1f0c4e8c7e77d09441e877ca01b6892570b |
| SHA512 | 0de0fc4aecb438e18f1d5d17024d23425a91398aa8dd61411009c5d81c27b842b1974aeaf66ea52982e0de2eadd7653a3d8589279e92fd83cd0e50b1cd024085 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 78fbf4a681db98efe4dc0455cda03761 |
| SHA1 | 287546175935b2bfe67c742adf280b5da2859b78 |
| SHA256 | 3ba99ae61b4f06e1e91d623ce31d8570ef88e6c6b280c4fc91feda9feac316db |
| SHA512 | 3f72e017a2968ca9c2d66ac5d37e500e4c5e7c81af15acd1b920cddbc68df3ce26830baf4ffc58ce65a4058a6a5d524cc3fa6a9dbbbeedfd1f8ada135fea2dae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 77853a52767c043fba5da7efb34acdb1 |
| SHA1 | ba443da5acac68fafed4385b5435a33408ac35c8 |
| SHA256 | 829a2dd329c576a7227f422bd53d6d82fec93b5919d62b7253e95c690f4c9070 |
| SHA512 | 4e5d8f90b8a8cf4a0456a7c26843af1f5f175ea6578a6bf14c32375f1903f6a85facec088451ae977d8a882d428b0136ca8145dfa07bed4b5beb155e66d87584 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 4d1c25bce504e8fa3a94bad4ce997188 |
| SHA1 | 45773c84c9d378ac44c6ffb143510da90c2e5313 |
| SHA256 | 0a2250328fed774ddcb728bf163712e43115f5b760dd8b0c4242da64935431e3 |
| SHA512 | 3662749a4bd74a0e18bb0ffd263c0f7a0ca79113084e9b03e06f6393bd20deb29d4b11cce878b663e4f6c424e2c5c5f47d969d459e096c0ab09c7ce45aa90926 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\15b4dd57-d142-470a-b006-63dde4897c43.tmp
| MD5 | 842ca873de2061d9553887bc374e7e00 |
| SHA1 | 9a089ab76b0be41017ff143430acb89a0f1ed86e |
| SHA256 | d24be3bcd27aea6323f067153cdc5a1694b2339b33b4dbd3cd96f45b8dd45311 |
| SHA512 | 50fccd3387886cd8534d80fab2ff5b52482508a55da2168d83d1cd3932a37a468882046d7e18402111fdbf5cdf74587f6519ca66a60410d9f1805fb5486f35c6 |