Analysis Overview
SHA256
0840d659560e62fcc41cd42dec9d7aedb8359f606097b540806452ca8ad05e21
Threat Level: Likely benign
The file jfxrt.pack was found to be: Likely benign.
Malicious Activity Summary
Drops file in Windows directory
Enumerates physical storage devices
Suspicious use of FindShellTrayWindow
Enumerates system info in registry
Suspicious use of SetWindowsHookEx
Suspicious use of WriteProcessMemory
Suspicious behavior: EnumeratesProcesses
Modifies data under HKEY_USERS
Modifies registry class
Suspicious use of AdjustPrivilegeToken
Suspicious use of SendNotifyMessage
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-16 08:56
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 08:56
Reported
2024-06-16 09:06
Platform
win11-20240508-en
Max time kernel
595s
Max time network
598s
Command Line
Signatures
Drops file in Windows directory
| Description | Indicator | Process | Target |
| File opened for modification | C:\Windows\Panther\UnattendGC\setupact.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\setuperr.log | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagerr.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
| File opened for modification | C:\Windows\Panther\UnattendGC\diagwrn.xml | C:\Windows\System32\oobe\UserOOBEBroker.exe | N/A |
Enumerates physical storage devices
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133630018214091967" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (data) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "191" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Key created | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" | C:\Windows\system32\LogonUI.exe | N/A |
| Set value (int) | \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" | C:\Windows\system32\LogonUI.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings | C:\Windows\system32\OpenWith.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings\MuiCache | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: LoadsDriver
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\OpenWith.exe | N/A |
| N/A | N/A | C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe | N/A |
| N/A | N/A | C:\Windows\system32\LogonUI.exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\cmd.exe
cmd /c C:\Users\Admin\AppData\Local\Temp\jfxrt.pack
C:\Windows\system32\OpenWith.exe
C:\Windows\system32\OpenWith.exe -Embedding
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa89dab58,0x7fffa89dab68,0x7fffa89dab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3136 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4228 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4584 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4120 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2720 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3488 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=872 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1504 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5076 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5064 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa89dab58,0x7fffa89dab68,0x7fffa89dab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4112 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4452 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4624 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4460 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3344 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa89dab58,0x7fffa89dab68,0x7fffa89dab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1892 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2192 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3172 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4196 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4552 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:8
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe -k UnistackSvcGroup
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
C:\Windows\System32\oobe\UserOOBEBroker.exe
C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe
C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding
C:\Windows\system32\LogonUI.exe
"LogonUI.exe" /flags:0x4 /state0:0xa390a855 /state1:0x41c64e6d
Network
Files
| MD5 | 8769d604353e36bf9d871bb74c903252 |
| SHA1 | 39979fa87908d6c0ac935527f9952f870b9b6865 |
| SHA256 | fb3f5f334dca5270ff9bb6ab890304e7a35daa1170f9e69558b5f4b00435e7d5 |
| SHA512 | af652b8db8a7fdc9bd929677024a00ff1195baa1d69682e21a7bbee82c0311fdeb57018af8bed27167a97cc0f7b08a6b068d10dd91e8253ac0fd3572cd539e0f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
| MD5 | bada08d57412862436c05dc46c31b82b |
| SHA1 | e035374f1e39dd07ae2ad12af6d326200a72d920 |
| SHA256 | 688c9272b6a64894df61b47ed4f37d92c6e0c9362bb11615430a385f7eec622e |
| SHA512 | a81af67f5482773b6225969fe2c7da21cf6e006047798c3c0c0f1fe160e353bde911356d346f40cc190422724bdeb5d2f9d871c5fa26cce255fb08b8bd57865a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1
| MD5 | 5349460b80e4db276836e3863550e07c |
| SHA1 | 4688fa9ec6c203bf09aa5b57f6b27dfa00e98984 |
| SHA256 | 9f7d2bbf15e494295f2f07cd77ebe548ab4d406f985da5809e8f7e42399dd09d |
| SHA512 | b17eb3a5aaa54445ae17d4c6d254bacf2d64027b6107dd5baf27a10b69bb1e59c4154656a087edea0e3bb9f468f01ce2fb55dd4d30201c583cca803a657238d3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13363001902815463
| MD5 | ddb1e50b6b6c75cf099ff63435d25245 |
| SHA1 | ef835d1cd4fa7266d65a2827c57a8f3e189133dd |
| SHA256 | e81eb7da056cda20b20e6f466a41b9b1dca655e54006b127efc59e45c80c0635 |
| SHA512 | da5b4411b5552bd7923089cd560f3e6133f142289b93777eb05ec5318f86b3fe9905c470ef259fc274ea755ef7b56e411018625974ebd06278773c30b3a428c8 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
| MD5 | bd30471656c9eb2e25e32866eceaa057 |
| SHA1 | 819cf613ad01f2795561fbcf2f4650c0ffe9b642 |
| SHA256 | be4073c263fb4e95ea8e306ac733946ba8035a162d7dea01ad7f85810f4472fd |
| SHA512 | 6a4990f51cdc5473ee235cc079b5f374c304d58e563bf5602dadb8be668aecc31bfa3b846ede3af050fc989619a2f7f894aa09b765babc9254e1ec6b718dda65 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
| MD5 | e9f3a4b697a8d06bd06f067e3be2b843 |
| SHA1 | 33104bb73fd31eccaec95bd502232813649134ef |
| SHA256 | ebbb9f3483d59828688a57c458b55c6285f1db3f62b60561105382c058ff5872 |
| SHA512 | c9663c7ebf13338133661e10ac816325478ba85a6bff7a72151f728e77392ed959bbaac40f98abe1f68991d77763f15fba9853321ffce27cfff99f2d57622ef6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
| MD5 | 2ba16690cff4be8c3cd01e61c612932a |
| SHA1 | b672fb5a27a9643041d079d81735f92bc6454a95 |
| SHA256 | 6c42765278852d02c224b7a50d41e25ab8d0f15b5d852cfc6607085bb830d4d9 |
| SHA512 | 0d1cee84b891f261f98409b2e9a132a239298276a0a3ec63e0752bdbccfa1a80b42d091c17ddb51764b1c10452b2fac0d0fe8b20dbdfb5ec6dd24d9fb1fe0538 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
| MD5 | 6e741e98e0b6730dd865ad8ae15205f0 |
| SHA1 | e496f35d91dec21d8266d4082cca5d130ab8f10b |
| SHA256 | 870fa72598dcf7073e9afd2cd5860b5bf8bc771004a5e951ae7622ceefdf2f8f |
| SHA512 | f3736245728aa82dd5256b96bbbe1c0ce747513e742e0348bdc58fd5f690a409fedf080eaa7ba4040f1ccb539fb1e28752850b06aef2a80130f417dff2479ead |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
| MD5 | 809678f2848a173127e9c42c944fde57 |
| SHA1 | 623657a64d07f2b50ce862a124b4eb8f7461f8db |
| SHA256 | 636c7d306bc33a7e1cd39a2ab58d56c26a27cc30d5c1482e557a194e234fdc22 |
| SHA512 | e8363f94b2475fff08ee843597b9deb2e0b5dc4ba98e350129a1b7445635782ef1adc7875154bd4b2c182233ea49a30d20b024a04355bcaafee0aa16daa9c148 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log
| MD5 | 3013c8910cf35af499f70c53904c805b |
| SHA1 | 5b947e49ff8e69f3717dbb4338f1661745340663 |
| SHA256 | a01cb6de49c662243beeca85410ec257beeebd1b7fe4e5315cb666a26342fc8f |
| SHA512 | 9ad07814508e146a1d55b206613cd76979d42297ef264a2ddb9f6d31854d337142b176dbb7023d2cd1e2ea431483e6d814ac0e5630a163533eceea2c1d39cf1a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
| MD5 | a0d15c2b024fa5892fdd0a77e4351773 |
| SHA1 | b25a492e47c05c572470e99cc4de5ad79efbb373 |
| SHA256 | c1be9c05caf30154619f997fe1058d4b04fc40abda09a8acb016024d953f8587 |
| SHA512 | d141b670bc83343a7856f478dd6651b8c1b026fdb09865a60ee9b6fc26909fbd34b34acccffc6c36f0d320f7d89929dda64735aecbe88b72196a2c68dc9b63a5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | 4e8ab83e3b3627956240cb002aee01db |
| SHA1 | 9ec72a1b2a8dc48dc6002412f513d57177bfdbca |
| SHA256 | c41c46d709fc53120ae09cdb9f44b4bbd14b124239b841aecdbcc56c53b1e977 |
| SHA512 | d493f0793aff7bfd9085cc6dfb035aaf09f86811c1b3edf13ccecdd5c61b2fbb389b5cecf9e7ec226f0707df3137a257c977a28ddbce91a490dd884cdbe435cd |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 70059b7fb67c6240645792e85236789f |
| SHA1 | 119c6d0ddb1aaa93daae2616d923d22915de7847 |
| SHA256 | 2d9868fc010d79b98f57ed514608f11e3cc33ef4a3678089b444cb6b1c37c5a8 |
| SHA512 | ea40c7d2391d822c639028164a588ea67c6f5004b3cb7fb3cd093b6e7a88243d533b781aa7c8874d93bdb58343aa577541096d62b80b93066938ea6636ed54a4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | cc3ca2fcb7c049a1b5d0d5f43a866551 |
| SHA1 | 86a907040f83b33381e222c5ae20617552a5413b |
| SHA256 | 375d986acc64a97b532414cf82c4505fc6375e8242fa1f867f045a6d831a6ccc |
| SHA512 | b352e32a44c0458bd6d0115d4fcb68468f6d33b4ac891482d2bee867a947ffd9b9ad53023cd61421b9d0cd1dd75b8db895147bad494acfb76ab36cfb9d1524dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log
| MD5 | 8a30a1fdd0459d9ea8b1e78a8e636856 |
| SHA1 | 9d7225e97f9cfcfb225cfbfd0b0bba21d4efdd20 |
| SHA256 | 88fe1d31608930f2738d102d45c75dc77acdf01a1b69bfb7e7c0281575b75e33 |
| SHA512 | b529bce870cd8165bf82f3ebf94f07552467bd0993b9d35145182e54e26fb2ae8e7bb167d88267b632757e2146f27dfddf8867db0c66e5dcc306db12ec6b7bef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG
| MD5 | 08a37c123f32291bdea1822c3af8c5dd |
| SHA1 | 124d275dcffeb8b27140809d682b285faa7e718d |
| SHA256 | 8ab6f0b786bc8c48190468b7aedea793705cf1e9b13ec16c4b0ba85ddc900f5c |
| SHA512 | 8573a9b7866fafd7486d06aa1f4ed9ba6025b1713f56ab92d793e3addffca11d1d37692fabbc8e57eb37146eeae1fd6ef9acc04d67c5560cf4a4b042f9ec4cd3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG
| MD5 | 234a449bcd5c244eff7804b4511ca841 |
| SHA1 | babd43cb05e1cd82fd048998e46da216b8b3da6c |
| SHA256 | 4114e5ea4a55958ff322f726ca5c582db0edd13d8def5da4243b17bf6a87d3a4 |
| SHA512 | 01a9c1f861708c6b8bb6bd40e1c6c9eb63794ed81632df81b9f0ae0981e4a407392511a923db7a22e9da29a891f052b0bb63de975a3f2e9460da80d0d1ee6a92 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13363001820635896
| MD5 | d754389a2efd28ca8fa8a07cd4dcb108 |
| SHA1 | 2e0cb5496ae62ecf8ba9ba30540ab8c6caaa9afb |
| SHA256 | c16a368fbb8e0e2ef6e7314b938bb8a6520a5b2f47d1e91772a79e32e457a550 |
| SHA512 | ae9a08374a25523124754b841b9ae1c588094575487e4f878d0cb4aaf2fb9b17e181111ae2a52eb105cfe3e2ac935a3fd0b8bdc8ffbe76d8c115177448162abb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt
| MD5 | 6e204bffdac23a85e8ff686f302b4aa9 |
| SHA1 | 50e75ab3eb482683498746c5b2cb7cbdc109d112 |
| SHA256 | a9c6e1687ccc7d047333ca7e1c636b2dcee25c24254435fb10cf42ba2e396302 |
| SHA512 | 359b3fc20aee006510fd9865f708b7380df6939b37f866bb835b000e3ee554e565ca6445e5061cb5b3ccaff3a4c76ce10ed94be599bcecac6de7aef01f10f4ea |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor
| MD5 | f162ff75abbed1c2c60e8919beae0ae9 |
| SHA1 | e9c38911d8742cf578bdc26ee9b633a638a22ed7 |
| SHA256 | 1105b60ee7ae4b280b3cbc75816d2fd33a0c864f88cbdc683de91c23f679da28 |
| SHA512 | c5042fb8c71305b0d5dc7dcabeec6b4c10b60b02999cbe9829957abc17126328ead5f800d14fe5161546876fb7933abe42122119ec13415358b1cf315a4ae764 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser
| MD5 | de9ef0c5bcc012a3a1131988dee272d8 |
| SHA1 | fa9ccbdc969ac9e1474fce773234b28d50951cd8 |
| SHA256 | 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590 |
| SHA512 | cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG
| MD5 | ee5130901dbceee10b894457fa7d2ba2 |
| SHA1 | f32491a040078071676504f8f446108e8a85431e |
| SHA256 | ee0ffed2b1d78201d432d03b20fb5bdbc03019e064a3623337d134015c20ddcf |
| SHA512 | a5a31f9fb1e12b779a43ad430f83b391bd69a5cb53c2bfb52988cb1c012889a2d99b2da4c98516586274eb2516038c5bfc2c94c47baa72efa0158380de3f16ca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal
| MD5 | e1c19acbdcec5e93ff16eb1128f8aea6 |
| SHA1 | 3d28e0c3293500fe47cc454e5efcd850381eb991 |
| SHA256 | 3c1d6464d09e8bf3535aeb97cf017fdc3e013d667d314783bb3729c3ecd850b5 |
| SHA512 | aaafcc1c20f189a7dd07d2fe055049f0b156f32d2cf1ee3a1ed6a7d5eda4e09a90e7f2fd7ede75421cda6910a0768296bc3140c9784e84e98fef6818b6a2840b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | c8eb73a5f494ca1f2a17b8effd2d2e0d |
| SHA1 | 020345a4b583d00cdac843578b80d557a5ff3dca |
| SHA256 | 2ab518da3d50c99b01b89f3794b2559187300412a2880617463bb527560bbec0 |
| SHA512 | e3acf031e3edd7fdda019086287bb3549b62bdc81568ff180f3179ef857424424ee8417bb8a41311bd9700bf3484f55b9075cae30d2e409ef88ee0de248b1274 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 837716581709eca3d15b724bd34c35c4 |
| SHA1 | 1632bdd39fc7663bc410db72f2ab6ad16191d2d5 |
| SHA256 | a25340d0435e45c4136f0bdc75a8635a802b489023cdc291a96c0c8c4a3559ea |
| SHA512 | 901f25b1ea9dc9e06482128d39d6eb00e3c7cccc4c7d000c8ed6044d0afc6a7424e440b168a47dd82cc374c7b2ac5d59901af0d0d89e0ec7a772b41df6c15783 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | f9741d2ec2274e97681cd9318dd9cccf |
| SHA1 | 8dc4e76f9d9be7748b3d5d2fb1394ac98cb47900 |
| SHA256 | 7ea7e2c5ca33edff4b86b8fec0e74dcfc998f7595c9fdeb80c60009ce4790175 |
| SHA512 | df1e6aad4a6a9f5411b2d762978ee6bc93198ef499449d0be5003fa2056ad9852c52f2a358d410f89b9924948f3d51fd0868bce72ee038c4f18e867e18f3563c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | 1b90db66a9f858fae60d96ccef0baac9 |
| SHA1 | e238916e3cc28b05b9c1e5e96265576329e5ca14 |
| SHA256 | cf507730d3a01db4de5bebc0e4901375f74c5c691aa27be15ee81058b13c9ba2 |
| SHA512 | 2b96928889f3789947c4bcbe88e9ff02606127404e01593a96af4d9597c38c8525e2f65ce6442cc2b96058bb0b2a19a13f7a8efa29b1c3856f028898dcf82406 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 90b0430bd2c2d617bcb8c797cdf6f65f |
| SHA1 | 35fd7242dcc88254107f1e31abab115ae66a97be |
| SHA256 | 2e828935d5996ecaa7d709ec9340e52b4bd819ad23e771c5aaa42f2fdb2c987a |
| SHA512 | 51b0893c0f82978dceefa2eb913e80a345876c492cbbb57359462e82d1a11682d4dd0d0e637a8d5d018a4ef60219297e7f35e06275b655be6c5035010cf512b0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 0b68f9282118db10a8ab97b11adc94ae |
| SHA1 | 88498db16c55c4de9e7d7661e432bb34e00de05e |
| SHA256 | dad944e3de6edd3d97a269041a2d6a59276678fab9912f94c08bfee24354db39 |
| SHA512 | 6253f256a00e2ba8ab99c1b26f001247b22a05c0653f458a86f579f89405972ec4068b63a6c3f586b89d554f9b37b3cbbc272740ac5e03b69954d82c5e720bca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 1b5fb1d0898493a53d4e89e1d25c7230 |
| SHA1 | 0e819f940c10a53d845a558a5d07208ccb8af239 |
| SHA256 | f00559d8ab8d2e2945523b7d76eadcb7e91b75152d2b15421be353cdb81a370f |
| SHA512 | 404ddfa44bf6fbf808bdba4a62d6e4b9dacf15e4f9ffa860bfccfe8319a9ac112ab37f683e05de159856aa63b679233ac65dfbc28022c5405fecd8c6b5c07a0e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\27b99670-2f74-429c-b55a-5ca806192303.tmp
| MD5 | 5058f1af8388633f609cadb75a75dc9d |
| SHA1 | 3a52ce780950d4d969792a2559cd519d7ee8c727 |
| SHA256 | cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8 |
| SHA512 | 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | a0abe033811d8dc62b378b17a60d3eb7 |
| SHA1 | a660bc1af58e8536889c10b4b540f7b5c49eb695 |
| SHA256 | f2cfd2098d4351e223d4952fbf90b37659f87ed6a3f5041f74dbfc81ea52d25e |
| SHA512 | 513b0a026907144dd4e8d60d71861511db40420135a1220d79f1a8ac3d028a465ad1748e772fc6ecacd49a2b52ba2d05a4e1170e881ef6fbd632fc27ecdc244b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 9c645ae083fa420bc5a88a585f1e791a |
| SHA1 | dd90cab4de4651e9184e3376f7280ee846eac04e |
| SHA256 | c0d3de766ea56b0a6f0097dc75be07be14af30c495f61aacb040629219c57e04 |
| SHA512 | 1be22b409d3baf3da1482cfdd22ce4e951b495740f9e1ee4ad191eec201c26194eec51ef1e1cb94108b3a43f288c86c59bf95398126794d75ebf79c40758fbc2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
| MD5 | f3d11edf3219fa879706035d619f508e |
| SHA1 | fbce46880d6060d706c226aa566ba790f7fbf1b7 |
| SHA256 | 39d43347885230915f4ef1785af021954edfd67eca3200a03d15f400ec5534be |
| SHA512 | e4f51e3b6669ef5293377f5b64b64369d9ee1c64038e22ee908bb25df0a74e88f35e29722943282bf9e4f62848a3e092ddd471fae8ce6b07ca513c0c71fbe9ef |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
| MD5 | bb94d12b48ccfed637b7e6bec1d27a70 |
| SHA1 | 79c698e011969de91a2031d5eed0564e798300b8 |
| SHA256 | 16da3109cea76dc3aa7a132c4ca30ba704491524bfbaa15928031de7d4d0498d |
| SHA512 | f8518e8b6d64e346fe6ebb9ff33a7e179182d8e8ecafb437367255f6bbb8255ee0cdc0e928283487d07d6b7a3f805970d5328e5b35cd6f9b00071e53f8d1f7b4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | ab96555c237136273033e3ab034cd232 |
| SHA1 | 1bd2db5ad10e825d2f070a1d8b56f34c93a8c83a |
| SHA256 | 27bcc9a7ad5fbdea9eac928ea415365a195a3f22415e181affb0f31861add4ea |
| SHA512 | 6e4d630365bab692ce4f4929a1f0459d3a8a810ed177710c42ad02c9fabe1c67b4a025e67330aa11eeb28b88d4c8e6328835de4f72c54fbc39a900e06ad8ae64 |
memory/4928-461-0x00000151C8EB0000-0x00000151C8EC0000-memory.dmp
memory/4928-477-0x00000151C8FB0000-0x00000151C8FC0000-memory.dmp
memory/4928-493-0x00000151D1320000-0x00000151D1321000-memory.dmp
memory/4928-496-0x00000151D1350000-0x00000151D1351000-memory.dmp
memory/4928-495-0x00000151D1350000-0x00000151D1351000-memory.dmp
memory/4928-497-0x00000151D1460000-0x00000151D1461000-memory.dmp
C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat
| MD5 | cd56e155edf53e5728c46b6c9eb9c413 |
| SHA1 | 14b1b0f090803c9ee39797aed4af13dc7849566d |
| SHA256 | 70a6cf268c013fb4d907bedc12af3e5f802f179f0cc8353c7b8227dde840d31a |
| SHA512 | a4ada455d44a89fd2baa505aa9266b70913967b839522ef5da8d7afd31af6662c3ad96ac3e3531d82a72be7d019c9d88f1ce391c5b5fa0e4422a634c51491165 |