Malware Analysis Report

2024-10-10 07:31

Sample ID 240616-kvz2jsxdla
Target jfxrt.pack
SHA256 0840d659560e62fcc41cd42dec9d7aedb8359f606097b540806452ca8ad05e21
Tags
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

SHA256

0840d659560e62fcc41cd42dec9d7aedb8359f606097b540806452ca8ad05e21

Threat Level: Likely benign

The file jfxrt.pack was found to be: Likely benign.

Malicious Activity Summary


Drops file in Windows directory

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Enumerates system info in registry

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Modifies registry class

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious behavior: LoadsDriver

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-16 08:56

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-16 08:56

Reported

2024-06-16 09:06

Platform

win11-20240508-en

Max time kernel

595s

Max time network

598s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\jfxrt.pack

Signatures

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setupact.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\setuperr.log C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagerr.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A
File opened for modification C:\Windows\Panther\UnattendGC\diagwrn.xml C:\Windows\System32\oobe\UserOOBEBroker.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133630018214091967" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglow = "3288365268" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent C:\Windows\system32\LogonUI.exe N/A
Set value (data) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentPalette = 99ebff004cc2ff000091f8000078d4000067c000003e9200001a6800f7630c00 C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\StartColorMenu = "4290799360" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\EnableWindowColorization = "191" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationGlassAttribute = "1" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationAfterglowBalance = "10" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Themes\History\AutoColor = "0" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Accent\AccentColorMenu = "4292114432" C:\Windows\system32\LogonUI.exe N/A
Key created \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\AccentColor = "4292114432" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColor = "3288365268" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationColorBalance = "89" C:\Windows\system32\LogonUI.exe N/A
Set value (int) \REGISTRY\USER\.DEFAULT\Software\Microsoft\Windows\DWM\ColorizationBlurBalance = "1" C:\Windows\system32\LogonUI.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings C:\Windows\system32\cmd.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3001105534-2705918504-2956618779-1000_Classes\Local Settings\MuiCache C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A

Suspicious behavior: LoadsDriver

Description Indicator Process Target
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A
N/A N/A C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe N/A
N/A N/A C:\Windows\system32\LogonUI.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2976 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 3048 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 1848 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 576 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 576 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2976 wrote to memory of 2828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\jfxrt.pack

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa89dab58,0x7fffa89dab68,0x7fffa89dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2132 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2184 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3040 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3136 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4228 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4544 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4684 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4584 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4120 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2720 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3488 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=872 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1504 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5076 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5064 --field-trial-handle=1812,i,11922862107018041785,1189473741792904968,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa89dab58,0x7fffa89dab68,0x7fffa89dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1692 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1988 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2208 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2944 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3012 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4112 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4452 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4604 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4624 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4460 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3344 --field-trial-handle=1792,i,18175731227562380330,8903339239535652281,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7fffa89dab58,0x7fffa89dab68,0x7fffa89dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1608 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1892 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2192 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3044 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3172 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4196 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4552 --field-trial-handle=1832,i,15564448287706600841,17668455113017839997,131072 /prefetch:8

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Windows\System32\svchost.exe

C:\Windows\System32\svchost.exe -k UnistackSvcGroup

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe

"C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca

C:\Windows\System32\oobe\UserOOBEBroker.exe

C:\Windows\System32\oobe\UserOOBEBroker.exe -Embedding

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe

C:\Users\Admin\AppData\Local\Microsoft\OneDrive\18.151.0729.0013\FileCoAuth.exe -Embedding

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x4 /state0:0xa390a855 /state1:0x41c64e6d

Network

Country Destination Domain Proto
GB 104.86.110.113:443 tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 4.4.8.8.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 beacons.gcp.gvt2.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.8.8:53 google.com udp
US 8.8.4.4:53 google.com udp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 clients2.google.com udp
GB 104.86.110.98:443 tcp
GB 104.86.110.98:443 tcp
GB 104.86.110.98:443 tcp
GB 104.86.110.98:443 tcp
GB 104.86.110.107:443 tcp
GB 104.86.110.107:443 tcp
GB 104.86.110.107:443 tcp
GB 104.86.110.107:443 tcp
GB 104.86.110.107:443 tcp
GB 104.86.110.107:443 tcp
GB 104.86.110.114:443 tcp
GB 104.86.110.114:443 tcp
GB 104.86.110.114:443 tcp
GB 104.86.110.114:443 tcp
GB 104.86.110.114:443 tcp
GB 104.86.110.114:443 tcp
GB 104.86.110.99:443 tcp
GB 104.86.110.99:443 tcp
GB 104.86.110.99:443 tcp
GB 104.86.110.99:443 tcp
GB 104.86.110.99:443 tcp
GB 104.86.110.99:443 tcp
GB 104.86.110.104:443 tcp
GB 104.86.110.104:443 tcp
GB 104.86.110.104:443 tcp
GB 104.86.110.104:443 tcp
GB 104.86.110.104:443 tcp
GB 104.86.110.112:443 tcp
GB 104.86.110.112:443 tcp
GB 104.86.110.105:443 tcp
US 8.8.8.8:53 cxcs.microsoft.net udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 104.86.110.106:443 tcp
GB 104.86.110.106:443 tcp
GB 104.86.110.106:443 tcp
US 8.8.8.8:53 browser.pipe.aria.microsoft.com udp
GB 104.86.110.106:443 tcp
GB 104.86.110.106:443 tcp
US 8.8.8.8:53 browser.pipe.aria.microsoft.com udp
US 8.8.8.8:53 cxcs.microsoft.net udp
US 8.8.8.8:53 browser.pipe.aria.microsoft.com udp

Files

\??\pipe\crashpad_2976_MGXFZLKKPXDZVXTL

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c039fd81ec5059002e770dcaee8698b3
SHA1 1eb6b17bbd53fd365b1e23c779781633ccad1a6e
SHA256 1cd2813d9003942a966a5c5cf024a17da39b33903a5cbbb7ef37619c64b5ac83
SHA512 5de9e784ccd45ba7230867ef514778dbd73c2ce32206543df6c47721f77515864aece4162bf9c8f3d6d2e3fb3da0b16ee6c5d53f6985be94913e40b2684c3c3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a57e2ebbba76f255b7968377db6bc84
SHA1 b205552eb6b0acb3e0c7ed742526e4f074def2f9
SHA256 cff985628fbe4b46c6dee807ca52e063c830092708d7c11754e02eb164f025ef
SHA512 b255e0e94e7441a626d2862dc55e903c5aaf68187986dbfc78aa40449ac22791cd56d3bb6a5fdcdeb5b9ef10b126ffc8f478405c03ce852147e8c00f7fa761e4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 72c479a50afcb34ff1bccd3c169ceafd
SHA1 423410608e6f1511b2ca358170408e2bcd0faf08
SHA256 217c8c345465e2a8a926609e2af5145da2dba1adcaf8f11150cba4e79635e9e5
SHA512 9e5479f3eecd8eb57ac8b0ef99b4d744f08535b560ae80f69408ca7deb90d516b3874fc49c6f88856e79460156f452545b1b0e7060626e10513c3bc572d5c399

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 3278bcfa6fdc875f1e1ef912675f5d42
SHA1 f10e496dea65c6b1a240133a548e4240145494bb
SHA256 56b6e741e46e931dad32539981ef389c6137c6c1f44fe8f4e80c1ef3e62d1fa3
SHA512 5ae1c7c4673a153eb85ca6afae9e10bccc2fb365c00ba68ceaac72a9e5c124c66341eacb698e7c12bfc25edd7cc47da34436d3cdc087bef1d88a889f3a51726b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3f717df6176cb3151bd23ca6a9bf309c
SHA1 40bfe7d4a4dec43c956930ffb9c8c396b4cdf276
SHA256 3bc7ee8701fe13d4e4781f14673fe8f45ac58d6a3610f4d99a856a3f34167893
SHA512 03decaa671da4b2a5672effcaf8050a61a67f23ed133152d7c5db9a1482f18d3c2be0047bfcc7a2aeb547b5c19fbdf9fc6dfee9024d9a6867c54358bde2310d6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 6b5895380d9b686ea87a9c039cbac84b
SHA1 e56e95b078a076d90a7429468d9f998ad4a54bb6
SHA256 7e242b0df947c3864ec737fa45e83bcaef84edd0cc8109a7c60cd5f8a3f9573f
SHA512 cc2427555bece14188a0854d00bc01aaa6a6f5408e6423609e7a498e7c89b8d01885117dad0e402fb46ec1a091874baf5d24a6f7ef324ad359a0cbcb48cff90b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

MD5 6f173fb313c5c3cda760afca0c0669be
SHA1 97fd444d371a93433f71aa6167ab6a55a73c028b
SHA256 4a291c1680881dd145f3ac7e89802a255778dfcace98646f238ede95ae80bc6b
SHA512 ef6b34ec47ba465971d0f53a6732ec483436ab64732ce601335e944b0b64e332721c81e7bceacf018499d781415194444d70b04faad6bb4cd6d9ecdb6a8ef52e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 bbdce7283f8c8e7d66ccf5cba06bcfdd
SHA1 c2e2d0145906f8992455ad7819275db251f1a482
SHA256 ac592c3e751c5521f73447f2f32b6d4fda91635f349431f89f975c1e3208537e
SHA512 b8fa50f8201bdbf43b9065e9a9f0ce5cc1a182ab5da6ce275afe823b3ea4cca84c7c43e7e09ec47523fda2013c8af5081656378326cc148c89eded6dd62e0a37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations

MD5 961e3604f228b0d10541ebf921500c86
SHA1 6e00570d9f78d9cfebe67d4da5efe546543949a7
SHA256 f7b24f2eb3d5eb0550527490395d2f61c3d2fe74bb9cb345197dad81b58b5fed
SHA512 535f930afd2ef50282715c7e48859cc2d7b354ff4e6c156b94d5a2815f589b33189ffedfcaf4456525283e993087f9f560d84cfcf497d189ab8101510a09c472

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

MD5 009b9a2ee7afbf6dd0b9617fc8f8ecba
SHA1 c97ed0652e731fc412e3b7bdfca2994b7cc206a7
SHA256 de607a2c68f52e15a104ead9ecbaa3e6862fdb11eac080e408ba4d69f1f7a915
SHA512 6161dd952ae140a8fb8aa5e33f06bc65fdc15ce3fbfe4c576dc2668c86bce4a1d5c1112caee014e5efa3698547faad3bc80ec253eedb43148e36e1a02ce89910

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG

MD5 067b31f917300aafd2b617d980c40557
SHA1 bade9270c59f0aa809d26c2938143ccf5d79ac6f
SHA256 c27554d3aaf99ab9b65cf922086e46dd781567da34a347da35800f53157d7764
SHA512 0622875df5c54c39f7d23d3da88b5bf5ce3629ae636c1d9143b451e65696309ad64b84e6308a087c989c34ee903048f0b12f06c8afb6d7d5d2fa0d0614eb30e0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log

MD5 6d6f66dd4c4cfc9010875491750dcddf
SHA1 e2e6d6dcfb8d6b708b993860a8cbec03557f4965
SHA256 638cfc9b592fc1be7e4f1f2fc519a04392ba7d471a698410ddef251937149e43
SHA512 860e9246c040b211eaeafce90c91e9611231ffcade0d40c626d5948492e1d061e715cbd5a04478d8790d9059b1716e35ab2a4c9e5de3ab22636ffd75553c504a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG

MD5 bce77ba0ea9d6bdaaa78c7d90593a0d2
SHA1 8b5c477eac5acf0d985ad7ae5bd9b3c8991dbc28
SHA256 d50ea65361e6a6a7f24f918107a5c624ab50bdef70e4fce55bf79bf1da67bffd
SHA512 af9d24d77cb09725be7b4e51761f88a666d9a80a1b0c23873b170f2fc989f1cfbc0bde11e3a0b1de2eb8df4f1cf2d3e09cfb3dd4dd16b9cc82afa00774727ef2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log

MD5 8769d604353e36bf9d871bb74c903252
SHA1 39979fa87908d6c0ac935527f9952f870b9b6865
SHA256 fb3f5f334dca5270ff9bb6ab890304e7a35daa1170f9e69558b5f4b00435e7d5
SHA512 af652b8db8a7fdc9bd929677024a00ff1195baa1d69682e21a7bbee82c0311fdeb57018af8bed27167a97cc0f7b08a6b068d10dd91e8253ac0fd3572cd539e0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG

MD5 bada08d57412862436c05dc46c31b82b
SHA1 e035374f1e39dd07ae2ad12af6d326200a72d920
SHA256 688c9272b6a64894df61b47ed4f37d92c6e0c9362bb11615430a385f7eec622e
SHA512 a81af67f5482773b6225969fe2c7da21cf6e006047798c3c0c0f1fe160e353bde911356d346f40cc190422724bdeb5d2f9d871c5fa26cce255fb08b8bd57865a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

MD5 5349460b80e4db276836e3863550e07c
SHA1 4688fa9ec6c203bf09aa5b57f6b27dfa00e98984
SHA256 9f7d2bbf15e494295f2f07cd77ebe548ab4d406f985da5809e8f7e42399dd09d
SHA512 b17eb3a5aaa54445ae17d4c6d254bacf2d64027b6107dd5baf27a10b69bb1e59c4154656a087edea0e3bb9f468f01ce2fb55dd4d30201c583cca803a657238d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Tabs_13363001902815463

MD5 ddb1e50b6b6c75cf099ff63435d25245
SHA1 ef835d1cd4fa7266d65a2827c57a8f3e189133dd
SHA256 e81eb7da056cda20b20e6f466a41b9b1dca655e54006b127efc59e45c80c0635
SHA512 da5b4411b5552bd7923089cd560f3e6133f142289b93777eb05ec5318f86b3fe9905c470ef259fc274ea755ef7b56e411018625974ebd06278773c30b3a428c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log

MD5 bd30471656c9eb2e25e32866eceaa057
SHA1 819cf613ad01f2795561fbcf2f4650c0ffe9b642
SHA256 be4073c263fb4e95ea8e306ac733946ba8035a162d7dea01ad7f85810f4472fd
SHA512 6a4990f51cdc5473ee235cc079b5f374c304d58e563bf5602dadb8be668aecc31bfa3b846ede3af050fc989619a2f7f894aa09b765babc9254e1ec6b718dda65

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

MD5 e9f3a4b697a8d06bd06f067e3be2b843
SHA1 33104bb73fd31eccaec95bd502232813649134ef
SHA256 ebbb9f3483d59828688a57c458b55c6285f1db3f62b60561105382c058ff5872
SHA512 c9663c7ebf13338133661e10ac816325478ba85a6bff7a72151f728e77392ed959bbaac40f98abe1f68991d77763f15fba9853321ffce27cfff99f2d57622ef6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3

MD5 2ba16690cff4be8c3cd01e61c612932a
SHA1 b672fb5a27a9643041d079d81735f92bc6454a95
SHA256 6c42765278852d02c224b7a50d41e25ab8d0f15b5d852cfc6607085bb830d4d9
SHA512 0d1cee84b891f261f98409b2e9a132a239298276a0a3ec63e0752bdbccfa1a80b42d091c17ddb51764b1c10452b2fac0d0fe8b20dbdfb5ec6dd24d9fb1fe0538

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1

MD5 6e741e98e0b6730dd865ad8ae15205f0
SHA1 e496f35d91dec21d8266d4082cca5d130ab8f10b
SHA256 870fa72598dcf7073e9afd2cd5860b5bf8bc771004a5e951ae7622ceefdf2f8f
SHA512 f3736245728aa82dd5256b96bbbe1c0ce747513e742e0348bdc58fd5f690a409fedf080eaa7ba4040f1ccb539fb1e28752850b06aef2a80130f417dff2479ead

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0

MD5 809678f2848a173127e9c42c944fde57
SHA1 623657a64d07f2b50ce862a124b4eb8f7461f8db
SHA256 636c7d306bc33a7e1cd39a2ab58d56c26a27cc30d5c1482e557a194e234fdc22
SHA512 e8363f94b2475fff08ee843597b9deb2e0b5dc4ba98e350129a1b7445635782ef1adc7875154bd4b2c182233ea49a30d20b024a04355bcaafee0aa16daa9c148

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\000003.log

MD5 3013c8910cf35af499f70c53904c805b
SHA1 5b947e49ff8e69f3717dbb4338f1661745340663
SHA256 a01cb6de49c662243beeca85410ec257beeebd1b7fe4e5315cb666a26342fc8f
SHA512 9ad07814508e146a1d55b206613cd76979d42297ef264a2ddb9f6d31854d337142b176dbb7023d2cd1e2ea431483e6d814ac0e5630a163533eceea2c1d39cf1a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG

MD5 a0d15c2b024fa5892fdd0a77e4351773
SHA1 b25a492e47c05c572470e99cc4de5ad79efbb373
SHA256 c1be9c05caf30154619f997fe1058d4b04fc40abda09a8acb016024d953f8587
SHA512 d141b670bc83343a7856f478dd6651b8c1b026fdb09865a60ee9b6fc26909fbd34b34acccffc6c36f0d320f7d89929dda64735aecbe88b72196a2c68dc9b63a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 4e8ab83e3b3627956240cb002aee01db
SHA1 9ec72a1b2a8dc48dc6002412f513d57177bfdbca
SHA256 c41c46d709fc53120ae09cdb9f44b4bbd14b124239b841aecdbcc56c53b1e977
SHA512 d493f0793aff7bfd9085cc6dfb035aaf09f86811c1b3edf13ccecdd5c61b2fbb389b5cecf9e7ec226f0707df3137a257c977a28ddbce91a490dd884cdbe435cd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

MD5 70059b7fb67c6240645792e85236789f
SHA1 119c6d0ddb1aaa93daae2616d923d22915de7847
SHA256 2d9868fc010d79b98f57ed514608f11e3cc33ef4a3678089b444cb6b1c37c5a8
SHA512 ea40c7d2391d822c639028164a588ea67c6f5004b3cb7fb3cd093b6e7a88243d533b781aa7c8874d93bdb58343aa577541096d62b80b93066938ea6636ed54a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 cc3ca2fcb7c049a1b5d0d5f43a866551
SHA1 86a907040f83b33381e222c5ae20617552a5413b
SHA256 375d986acc64a97b532414cf82c4505fc6375e8242fa1f867f045a6d831a6ccc
SHA512 b352e32a44c0458bd6d0115d4fcb68468f6d33b4ac891482d2bee867a947ffd9b9ad53023cd61421b9d0cd1dd75b8db895147bad494acfb76ab36cfb9d1524dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\000003.log

MD5 8a30a1fdd0459d9ea8b1e78a8e636856
SHA1 9d7225e97f9cfcfb225cfbfd0b0bba21d4efdd20
SHA256 88fe1d31608930f2738d102d45c75dc77acdf01a1b69bfb7e7c0281575b75e33
SHA512 b529bce870cd8165bf82f3ebf94f07552467bd0993b9d35145182e54e26fb2ae8e7bb167d88267b632757e2146f27dfddf8867db0c66e5dcc306db12ec6b7bef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Local Storage\leveldb\LOG

MD5 08a37c123f32291bdea1822c3af8c5dd
SHA1 124d275dcffeb8b27140809d682b285faa7e718d
SHA256 8ab6f0b786bc8c48190468b7aedea793705cf1e9b13ec16c4b0ba85ddc900f5c
SHA512 8573a9b7866fafd7486d06aa1f4ed9ba6025b1713f56ab92d793e3addffca11d1d37692fabbc8e57eb37146eeae1fd6ef9acc04d67c5560cf4a4b042f9ec4cd3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Session Storage\LOG

MD5 234a449bcd5c244eff7804b4511ca841
SHA1 babd43cb05e1cd82fd048998e46da216b8b3da6c
SHA256 4114e5ea4a55958ff322f726ca5c582db0edd13d8def5da4243b17bf6a87d3a4
SHA512 01a9c1f861708c6b8bb6bd40e1c6c9eb63794ed81632df81b9f0ae0981e4a407392511a923db7a22e9da29a891f052b0bb63de975a3f2e9460da80d0d1ee6a92

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sessions\Session_13363001820635896

MD5 d754389a2efd28ca8fa8a07cd4dcb108
SHA1 2e0cb5496ae62ecf8ba9ba30540ab8c6caaa9afb
SHA256 c16a368fbb8e0e2ef6e7314b938bb8a6520a5b2f47d1e91772a79e32e457a550
SHA512 ae9a08374a25523124754b841b9ae1c588094575487e4f878d0cb4aaf2fb9b17e181111ae2a52eb105cfe3e2ac935a3fd0b8bdc8ffbe76d8c115177448162abb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\chrome_shutdown_ms.txt

MD5 6e204bffdac23a85e8ff686f302b4aa9
SHA1 50e75ab3eb482683498746c5b2cb7cbdc109d112
SHA256 a9c6e1687ccc7d047333ca7e1c636b2dcee25c24254435fb10cf42ba2e396302
SHA512 359b3fc20aee006510fd9865f708b7380df6939b37f866bb835b000e3ee554e565ca6445e5061cb5b3ccaff3a4c76ce10ed94be599bcecac6de7aef01f10f4ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor

MD5 f162ff75abbed1c2c60e8919beae0ae9
SHA1 e9c38911d8742cf578bdc26ee9b633a638a22ed7
SHA256 1105b60ee7ae4b280b3cbc75816d2fd33a0c864f88cbdc683de91c23f679da28
SHA512 c5042fb8c71305b0d5dc7dcabeec6b4c10b60b02999cbe9829957abc17126328ead5f800d14fe5161546876fb7933abe42122119ec13415358b1cf315a4ae764

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Browser

MD5 de9ef0c5bcc012a3a1131988dee272d8
SHA1 fa9ccbdc969ac9e1474fce773234b28d50951cd8
SHA256 3615498fbef408a96bf30e01c318dac2d5451b054998119080e7faac5995f590
SHA512 cea946ebeadfe6be65e33edff6c68953a84ec2e2410884e12f406cac1e6c8a0793180433a7ef7ce097b24ea78a1fdbb4e3b3d9cdf1a827ab6ff5605da3691724

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\LOG

MD5 ee5130901dbceee10b894457fa7d2ba2
SHA1 f32491a040078071676504f8f446108e8a85431e
SHA256 ee0ffed2b1d78201d432d03b20fb5bdbc03019e064a3623337d134015c20ddcf
SHA512 a5a31f9fb1e12b779a43ad430f83b391bd69a5cb53c2bfb52988cb1c012889a2d99b2da4c98516586274eb2516038c5bfc2c94c47baa72efa0158380de3f16ca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network Action Predictor-journal

MD5 e1c19acbdcec5e93ff16eb1128f8aea6
SHA1 3d28e0c3293500fe47cc454e5efcd850381eb991
SHA256 3c1d6464d09e8bf3535aeb97cf017fdc3e013d667d314783bb3729c3ecd850b5
SHA512 aaafcc1c20f189a7dd07d2fe055049f0b156f32d2cf1ee3a1ed6a7d5eda4e09a90e7f2fd7ede75421cda6910a0768296bc3140c9784e84e98fef6818b6a2840b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 c8eb73a5f494ca1f2a17b8effd2d2e0d
SHA1 020345a4b583d00cdac843578b80d557a5ff3dca
SHA256 2ab518da3d50c99b01b89f3794b2559187300412a2880617463bb527560bbec0
SHA512 e3acf031e3edd7fdda019086287bb3549b62bdc81568ff180f3179ef857424424ee8417bb8a41311bd9700bf3484f55b9075cae30d2e409ef88ee0de248b1274

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 837716581709eca3d15b724bd34c35c4
SHA1 1632bdd39fc7663bc410db72f2ab6ad16191d2d5
SHA256 a25340d0435e45c4136f0bdc75a8635a802b489023cdc291a96c0c8c4a3559ea
SHA512 901f25b1ea9dc9e06482128d39d6eb00e3c7cccc4c7d000c8ed6044d0afc6a7424e440b168a47dd82cc374c7b2ac5d59901af0d0d89e0ec7a772b41df6c15783

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f9741d2ec2274e97681cd9318dd9cccf
SHA1 8dc4e76f9d9be7748b3d5d2fb1394ac98cb47900
SHA256 7ea7e2c5ca33edff4b86b8fec0e74dcfc998f7595c9fdeb80c60009ce4790175
SHA512 df1e6aad4a6a9f5411b2d762978ee6bc93198ef499449d0be5003fa2056ad9852c52f2a358d410f89b9924948f3d51fd0868bce72ee038c4f18e867e18f3563c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 1b90db66a9f858fae60d96ccef0baac9
SHA1 e238916e3cc28b05b9c1e5e96265576329e5ca14
SHA256 cf507730d3a01db4de5bebc0e4901375f74c5c691aa27be15ee81058b13c9ba2
SHA512 2b96928889f3789947c4bcbe88e9ff02606127404e01593a96af4d9597c38c8525e2f65ce6442cc2b96058bb0b2a19a13f7a8efa29b1c3856f028898dcf82406

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 90b0430bd2c2d617bcb8c797cdf6f65f
SHA1 35fd7242dcc88254107f1e31abab115ae66a97be
SHA256 2e828935d5996ecaa7d709ec9340e52b4bd819ad23e771c5aaa42f2fdb2c987a
SHA512 51b0893c0f82978dceefa2eb913e80a345876c492cbbb57359462e82d1a11682d4dd0d0e637a8d5d018a4ef60219297e7f35e06275b655be6c5035010cf512b0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 0b68f9282118db10a8ab97b11adc94ae
SHA1 88498db16c55c4de9e7d7661e432bb34e00de05e
SHA256 dad944e3de6edd3d97a269041a2d6a59276678fab9912f94c08bfee24354db39
SHA512 6253f256a00e2ba8ab99c1b26f001247b22a05c0653f458a86f579f89405972ec4068b63a6c3f586b89d554f9b37b3cbbc272740ac5e03b69954d82c5e720bca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 1b5fb1d0898493a53d4e89e1d25c7230
SHA1 0e819f940c10a53d845a558a5d07208ccb8af239
SHA256 f00559d8ab8d2e2945523b7d76eadcb7e91b75152d2b15421be353cdb81a370f
SHA512 404ddfa44bf6fbf808bdba4a62d6e4b9dacf15e4f9ffa860bfccfe8319a9ac112ab37f683e05de159856aa63b679233ac65dfbc28022c5405fecd8c6b5c07a0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\27b99670-2f74-429c-b55a-5ca806192303.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a0abe033811d8dc62b378b17a60d3eb7
SHA1 a660bc1af58e8536889c10b4b540f7b5c49eb695
SHA256 f2cfd2098d4351e223d4952fbf90b37659f87ed6a3f5041f74dbfc81ea52d25e
SHA512 513b0a026907144dd4e8d60d71861511db40420135a1220d79f1a8ac3d028a465ad1748e772fc6ecacd49a2b52ba2d05a4e1170e881ef6fbd632fc27ecdc244b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9c645ae083fa420bc5a88a585f1e791a
SHA1 dd90cab4de4651e9184e3376f7280ee846eac04e
SHA256 c0d3de766ea56b0a6f0097dc75be07be14af30c495f61aacb040629219c57e04
SHA512 1be22b409d3baf3da1482cfdd22ce4e951b495740f9e1ee4ad191eec201c26194eec51ef1e1cb94108b3a43f288c86c59bf95398126794d75ebf79c40758fbc2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

MD5 f3d11edf3219fa879706035d619f508e
SHA1 fbce46880d6060d706c226aa566ba790f7fbf1b7
SHA256 39d43347885230915f4ef1785af021954edfd67eca3200a03d15f400ec5534be
SHA512 e4f51e3b6669ef5293377f5b64b64369d9ee1c64038e22ee908bb25df0a74e88f35e29722943282bf9e4f62848a3e092ddd471fae8ce6b07ca513c0c71fbe9ef

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

MD5 bb94d12b48ccfed637b7e6bec1d27a70
SHA1 79c698e011969de91a2031d5eed0564e798300b8
SHA256 16da3109cea76dc3aa7a132c4ca30ba704491524bfbaa15928031de7d4d0498d
SHA512 f8518e8b6d64e346fe6ebb9ff33a7e179182d8e8ecafb437367255f6bbb8255ee0cdc0e928283487d07d6b7a3f805970d5328e5b35cd6f9b00071e53f8d1f7b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ab96555c237136273033e3ab034cd232
SHA1 1bd2db5ad10e825d2f070a1d8b56f34c93a8c83a
SHA256 27bcc9a7ad5fbdea9eac928ea415365a195a3f22415e181affb0f31861add4ea
SHA512 6e4d630365bab692ce4f4929a1f0459d3a8a810ed177710c42ad02c9fabe1c67b4a025e67330aa11eeb28b88d4c8e6328835de4f72c54fbc39a900e06ad8ae64

memory/4928-461-0x00000151C8EB0000-0x00000151C8EC0000-memory.dmp

memory/4928-477-0x00000151C8FB0000-0x00000151C8FC0000-memory.dmp

memory/4928-493-0x00000151D1320000-0x00000151D1321000-memory.dmp

memory/4928-496-0x00000151D1350000-0x00000151D1351000-memory.dmp

memory/4928-495-0x00000151D1350000-0x00000151D1351000-memory.dmp

memory/4928-497-0x00000151D1460000-0x00000151D1461000-memory.dmp

C:\Users\Admin\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\TempState\SearchHoverUnifiedTileModelCache.dat

MD5 cd56e155edf53e5728c46b6c9eb9c413
SHA1 14b1b0f090803c9ee39797aed4af13dc7849566d
SHA256 70a6cf268c013fb4d907bedc12af3e5f802f179f0cc8353c7b8227dde840d31a
SHA512 a4ada455d44a89fd2baa505aa9266b70913967b839522ef5da8d7afd31af6662c3ad96ac3e3531d82a72be7d019c9d88f1ce391c5b5fa0e4422a634c51491165