Malware Analysis Report

2024-10-16 06:40

Sample ID 240617-t87szszenm
Target 213ole.txt
SHA256 ed094abf4305b61b980383a861135e6349b83de06be3259da6c178fed0fb17ea
Tags
bootkit persistence evasion
score
6/10

Analysis Overview

score
6/10

SHA256

ed094abf4305b61b980383a861135e6349b83de06be3259da6c178fed0fb17ea

Threat Level: Shows suspicious behavior

The file 213ole.txt was found to be: Shows suspicious behavior.

Malicious Activity Summary

bootkit persistence evasion

Writes to the Master Boot Record (MBR)

Resource Forking

Suspicious behavior: GetForegroundWindowSpam

Opens file in notepad (likely ransom note)

Suspicious use of SetWindowsHookEx

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Suspicious use of WriteProcessMemory

Checks SCSI registry key(s)

Modifies Internet Explorer settings

Modifies data under HKEY_USERS

Suspicious behavior: AddClipboardFormatListener

Enumerates system info in registry

Suspicious behavior: EnumeratesProcesses

Checks processor information in registry

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-06-17 16:44

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 17:07

Platform

win7-20240611-en

Max time kernel

951s

Max time network

1261s

Command Line

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\213ole.txt

Signatures

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2716 wrote to memory of 2296 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2716 wrote to memory of 2632 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2716 wrote to memory of 2524 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2716 wrote to memory of 2388 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\213ole.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef6899758,0x7fef6899768,0x7fef6899778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1124 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1508 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=1592 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2284 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2292 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1516 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=2196 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3456 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3576 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3576 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --reenable-autoupdates --system-level

C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\Installer\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13f997688,0x13f997698,0x13f9976a8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3768 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=3576 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=1156 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=916 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2096 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2100 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=3568 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=3860 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3800 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=776 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4148 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=4208 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=2584 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=1752 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=2720 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=660 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x558

C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\SU.exe

"C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\SU.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=4300 --field-trial-handle=1380,i,1734463261484886349,11270035361722031096,131072 /prefetch:1

C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\SU.exe

"C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\SU.exe"

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Windows\system32\wbem\WmiApSrv.exe

C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\AntiGDI_Injector.exe

"C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\AntiGDI_Injector.exe" 332

C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\EasyHook64Svc.exe

"C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\EasyHook64Svc.exe" "3zI31E5jetmB0dyhMeB8hGM"

C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\AntiGDI_Injector.exe

"C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\AntiGDI_Injector.exe" 332

C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\EasyHook64Svc.exe

"C:\Users\Admin\Downloads\simpleunlocker_release\simpleunlocker_release\bin\EasyHook64Svc.exe" "1qUXOLU20KViPG6Fa0XyS"

C:\Windows\system32\calc.exe

"C:\Windows\system32\calc.exe"

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x0

C:\Windows\system32\LogonUI.exe

"LogonUI.exe" /flags:0x0

Network


Files

Analysis: behavioral4

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 16:45

Platform

android-x64-20240611.1-en

Max time network

5s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral8

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 16:45

Platform

debian9-armhf-20240611-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral9

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 16:45

Platform

debian9-mipsbe-20240418-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 17:02

Platform

win10v2004-20240611-en

Max time kernel

998s

Max time network

1011s

Command Line

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\213ole.txt

Signatures

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Desktop\MEMZ.exe N/A

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\SysWOW64\Taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\SysWOW64\Taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\SysWOW64\Taskmgr.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\Hardware\Description\System\CentralProcessor\0 C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\ProcessorNameString C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemFamily C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemSKU C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\Hardware\Description\System\BIOS C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133631167077064456" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByDirection = "1" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-2#immutable1 = "Conserve energy or maximize performance by choosing how your computer manages power." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fhcpl.dll,-52#immutable1 = "File History" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\FFlags = "18874385" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\FirewallControlPanel.dll,-12122#immutable1 = "Windows Defender Firewall" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-100#immutable1 = "Recover copies of your files backed up in Windows 7" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-602#immutable1 = "Change how Windows indexes to search faster" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\DiagCpl.dll,-1#immutable1 = "Troubleshooting" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:FMTID = "{00000000-0000-0000-0000-000000000000}" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\Vault.dll,-2#immutable1 = "Manage your Windows credentials." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-2#immutable1 = "Protect your PC using BitLocker Drive Encryption." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02020202020202020202 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\IconSize = "48" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15300#immutable1 = "RemoteApp and Desktop Connections" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-102#immutable1 = "Keyboard" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\inetcpl.cpl,-4313#immutable1 = "Configure your Internet display and connection settings." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\GroupByKey:PID = "0" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings C:\Windows\SysWOW64\control.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-10#immutable1 = "Choose which programs you want Windows to use for activities like web browsing, editing photos, sending e-mail, and playing music." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\recovery.dll,-101#immutable1 = "Recovery" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\fvecpl.dll,-1#immutable1 = "BitLocker Drive Encryption" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\timedate.cpl,-52#immutable1 = "Set the date, time, and time zone for your computer." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2\NodeSlot = "10" C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\LogicalViewMode = "2" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\powercpl.dll,-1#immutable1 = "Power Options" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sud.dll,-1#immutable1 = "Default Programs" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\sdcpl.dll,-101#immutable1 = "Backup and Restore (Windows 7)" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-45#immutable1 = "Make your computer easier to use." C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 0100000000000000ffffffff C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-101#immutable1 = "Customize your mouse settings, such as the button configuration, double-click speed, mouse pointers, and motion speed." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\appwiz.cpl,-160#immutable1 = "Uninstall or change programs on your computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\autoplay.dll,-2#immutable1 = "Change default settings for CDs, DVDs, and devices so that you can automatically play music, view pictures, install software, and play games." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-2#immutable1 = "View information about your computer, and change settings for hardware, performance, and remote connections." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-300#immutable1 = "Sound" C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Vid = "{65F125E5-7BE1-4810-BA9D-D271C8432CE3}" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-1#immutable1 = "Phone and Modem" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\telephon.cpl,-2#immutable1 = "Configure your telephone dialing rules and modem settings." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-1#immutable1 = "Network and Sharing Center" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-5#immutable1 = "View and update your device hardware settings and driver software." C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-1#immutable1 = "Speech Recognition" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-103#immutable1 = "Customize your keyboard settings, such as the cursor blink rate and the character repeat rate." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\devmgr.dll,-4#immutable1 = "Device Manager" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\usercpl.dll,-1#immutable1 = "User Accounts" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\srchadmin.dll,-601#immutable1 = "Indexing Options" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\netcenter.dll,-2#immutable1 = "Check network status, change network settings and set preferences for sharing files and printers." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\mmsys.cpl,-301#immutable1 = "Configure your audio devices or change the sound scheme for your computer." C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\10\Shell\{DE4F0660-FA10-4B8F-A494-068B20B22307}\Mode = "6" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\Speech\SpeechUX\speechuxcpl.dll,-2#immutable1 = "Configure how speech recognition works on your computer." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\system32\colorcpl.exe,-7#immutable1 = "Change advanced color management settings for displays, scanners, and printers." C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\accessibilitycpl.dll,-10#immutable1 = "Ease of Access Center" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\systemcpl.dll,-1#immutable1 = "System" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\2 = 14001f706806ee260aa0d7449371beb064c986830000 C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 020202020202020202 C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\RADCUI.dll,-15301#immutable1 = "Manage your RemoteApp and Desktop Connections" C:\Windows\explorer.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\ImmutableMuiCache\Strings\52C64B7E\@C:\Windows\System32\main.cpl,-100#immutable1 = "Mouse" C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-3169499791-3545231813-3156325206-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 020000000100000000000000ffffffff C:\Windows\explorer.exe N/A

Opens file in notepad (likely ransom note)

ransomware
Description Indicator Process Target
N/A N/A C:\Windows\system32\NOTEPAD.EXE N/A
N/A N/A C:\Windows\System32\NOTEPAD.EXE N/A

Suspicious behavior: AddClipboardFormatListener

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Windows\explorer.exe N/A
N/A N/A C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Program Files\VideoLAN\VLC\vlc.exe N/A
N/A N/A C:\Users\Admin\Desktop\MEMZ.exe N/A
N/A N/A C:\Windows\SysWOW64\mmc.exe N/A
N/A N/A C:\Windows\system32\mmc.exe N/A
N/A N/A C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 1748 wrote to memory of 4080 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 1408 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3304 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 1748 wrote to memory of 3876 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\NOTEPAD.EXE

C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\213ole.txt

C:\Windows\system32\cmd.exe

"C:\Windows\system32\cmd.exe"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x12c,0x130,0x134,0x108,0x138,0x7fff88a1ab58,0x7fff88a1ab68,0x7fff88a1ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1784 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2300 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3104 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3136 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3668 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4584 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4736 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4816 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4908 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4252 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4912 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1700 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:2

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4412 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=1324 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2308 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3032 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=4912 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=4004 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=4972 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=4688 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3044 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4748 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5300 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5152 --field-trial-handle=1920,i,13761110552007408228,429567558511483908,131072 /prefetch:8

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe"

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /watchdog

C:\Users\Admin\Desktop\MEMZ.exe

"C:\Users\Admin\Desktop\MEMZ.exe" /main

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe" \note.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=best+way+to+kill+yourself

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2080 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2720 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4740 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2068,18021924631969394079,8652504143105808794,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+to+create+your+own+ransomware

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2216 /prefetch:2

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2268 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3756 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5532 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2208,3731588363521585894,17868163959572741345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5532 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Desktop\CopyHide.bat" "

C:\Windows\System32\NOTEPAD.EXE

"C:\Windows\System32\NOTEPAD.EXE" C:\Users\Admin\Desktop\CopyHide.bat

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=how+2+remove+a+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2324 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3252 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3260 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4828 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=2092 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5304 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5260 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5408 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5684 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2232,1567867211813425763,8137181218720039575,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5624 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=mcafee+vs+norton

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2244 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2780 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3340 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3360 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4868 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5052 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2192,8109992223810967129,2946909198467654378,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5420 /prefetch:8

C:\Program Files\VideoLAN\VLC\vlc.exe

"C:\Program Files\VideoLAN\VLC\vlc.exe" --started-from-file "C:\Users\Admin\Desktop\DisconnectNew.mpg"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=skrillex+scay+onster+an+nice+sprites+midi

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2208 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2260 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3016 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3080 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4832 /prefetch:1

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x590 0x58c

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4352 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5316 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2196,6613326199037329487,14600039823761244556,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5316 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2252 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2304 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2828 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3204 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4052 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3504 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5416 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5016 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3760 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5700 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3916 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5676 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3428 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6152 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5852 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6264 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6328 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2228,1726104720195750446,7582876725829424560,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6332 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff88a1ab58,0x7fff88a1ab68,0x7fff88a1ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1688 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1812 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2156 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3096 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3128 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4392 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3944 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3628 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=half+life+3+release+date

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2160 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2212 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3068 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3100 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3216 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4744 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4988 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4756 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3764 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4824 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3264 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:1

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4980 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:1

C:\Windows\SysWOW64\mmc.exe

"C:\Windows\System32\mmc.exe"

C:\Windows\system32\mmc.exe

"C:\Windows\system32\mmc.exe"

C:\Windows\SysWOW64\notepad.exe

"C:\Windows\System32\notepad.exe"

C:\Windows\SysWOW64\control.exe

"C:\Windows\System32\control.exe"

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE

"C:\Program Files\Microsoft Office\root\Office16\EXCEL.EXE"

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=minecraft+hax+download+no+virus

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4268 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3604 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5916 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6060 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5152 /prefetch:1

C:\Windows\SysWOW64\control.exe

"C:\Windows\System32\control.exe"

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=3176 --field-trial-handle=2040,i,6505076531718770142,5790156433274098981,131072 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAQAAAAAAAAAAAAAAAAAABgAAAEAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1816 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument http://google.co.ck/search?q=is+illuminati+real

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fff7e0a46f8,0x7fff7e0a4708,0x7fff7e0a4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5488 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2148,6238249028170203552,4368489695839242912,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=6176 /prefetch:1

C:\Windows\SysWOW64\Taskmgr.exe

"C:\Windows\System32\Taskmgr.exe"

C:\Windows\SysWOW64\Taskmgr.exe

"C:\Windows\System32\Taskmgr.exe"

Network


Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c2df6b6e5ee2cfa0f36d32697d27d828
SHA1 36660b1997df47eca14edc21337a565ad3b9cdb6
SHA256 d54f2cd0fb41b11f12869998ca2c907c4aa679fdd4cfeb43487df2c7420875e1
SHA512 36b18e5f437f861f9d7c19e7d7a2cb80c1c4ed7456970cde8b277622def7641835b0de8a8c1f931908800f47853c6b00818d4836fa4d9ecb949d652917fcde54

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8f997734776b936950831e7d6724ab99
SHA1 ef5f7264aa3f4731932af69f3f29cae7824972a0
SHA256 e031b7038472f46c1bf349b867773847a463ac289af5425dabe1f3e0d505202b
SHA512 63b84fa6620a89defdb17dcfd5357c83a5cd1d894b1f638881003665a105f5f5036ab2a8a914778f2b14af324b6e3039011af7764753b7004e1a35b8498cceaf

C:\Users\Admin\Downloads\MEMZ-virus-main.zip

C:\note.txt

SHA512 0fa4c8d69b5862cae8e7e81bf61993bd3640738641a8d66cce8eb17202356f48a854e4de51e54ec0e9249fece76adffb017c7b76069d30acd3c6bf2b2897cdca

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 155dc64e1ad05ffb6fdf448ae7ec98cc
SHA1 b50b968a300f070909d183989941bdceb7a3b8c0
SHA256 98c579571bd0aa9d5b1982b421b1973896d7c0164b31410450ce5e3012a920f3
SHA512 bd2b8509f911bc36b967766f4d149254c8dd9d3eaa3bf0a5499e427ff2da3d4b61b1ed51c5b966cc5352e36d2984a8806559d6ac1615302df20b6edb87fbb24f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 e01dd9c330d4a5d41da92b6f0b4787e7
SHA1 0e54035c7369e32fb847d451f09a1ab8908507cd
SHA256 3f3bc70db14053b5ae7c2c80b9bc4f6dc06adf4c4c873c0674db7fbb0e8f46a0
SHA512 4bd279e5411218b56c72771db142633b2b2717ebb6f26a46b2dc4c46c3f863b8f28368545f2ec5fc6c46fd901ac876f2fc6f1dff3fd74238fc5767adb038d875

memory/4768-2132-0x00007FFF7D750000-0x00007FFF7D784000-memory.dmp

memory/4768-2131-0x00007FF6B8ED0000-0x00007FF6B8FC8000-memory.dmp

memory/4768-2133-0x00007FFF7D490000-0x00007FFF7D746000-memory.dmp

memory/4768-2134-0x00007FFF7BA80000-0x00007FFF7CB30000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 d28f33c0b749a320ff5da6d95a3d88d9
SHA1 2c4cf5b534f3c790de7f92d3f63305b30a00b70c
SHA256 d161754b938083dec992499951da3fc44e0750be291d5304c66fbd74df810cdd
SHA512 bed77104e711727663e4ac6612a36926ecf01a06d23f618fa09365ddaa485867041a9bd14758327049f3e7f01d693881357256736b6c0e7f468654491266248f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 788dec3edf3eec2fc2bc45b042bd6df3
SHA1 aad0f12aaa1fcba117185e2851703789ae27ac3b
SHA256 36d14d39b30a7232ec67a3a852a215755c450cfb76b9494ed5da5137addcc12f
SHA512 964050179600c1d4b3ebf03a484a03d0d41379b58a0e3424299aa1bfdf81ac06be27b79bf1f5c036e7d1bc903bdb680cb98b9c5a848ea1d643edc2fa82993793

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 946c4ffc98e44cff41b7aa7a292013bf
SHA1 24847d6ee5a1a5985b9a2121de2a482ed57a7d88
SHA256 06a1b5d328165ae40c218102c8637e4ecf6a059ec62ff43ece94f8e7d941cc46
SHA512 19ca0ba6e5c5a70e3a4ca623f1e1046b427f56277c34d82c66a7201dadfa0f06d9a86635cc16a83497f315b6a5b643749f4795df03c0b25cc922e7769015827c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 ab6ab31fbc80601ffb8ed2de18f4e3d3
SHA1 983df2e897edf98f32988ea814e1b97adfc01a01
SHA256 eaab30ed3bde0318e208d83e6b0701b3ee9eb6b11da2d9fbab1552e8e4ce88f8
SHA512 41b42e6ab664319d68d86ce94a6db73789b2e34cba9b0c02d55dfb0816af654b02284aa3bfd9ae4f1a10e920087615b750fb2c54e9b3f646f721afb9a0d1aea3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 c65d5dfb609f2a2ff936c49e9b78fb35
SHA1 340cfdbf64e10a8f6940f604c8fb00c7fda5f95d
SHA256 c0a31462d255b7cb4d4d990b8b4ecb4f9e60717fbe3b5eb94095b06c6f56e755
SHA512 b5577648c488c1e584290df2797f4c5f539149df9adf098960acb066f14526290134510940f707dd0c7fa0e44fd151388b88f9befb8481aae84f3d60dc0658f6

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 b4900a5a27e5b127d633ba638e05561d
SHA1 a27a46f8bc6e19a91918d21fad82cf66a8a4b837
SHA256 3c6bfaf1e57b8604ac75cdeda16684ea22c34ed50c6fbb95e27e7690fee8d7ad
SHA512 09e90cafb7f08e5966779b34aa07bbf67989825ebf4b162d88f146a1cb3aa5b6aaf38cbf6f07ee8b6715a4f540bda1c1d4898f86d4e067005dfd56f7025b87f3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 9d408830c0995c3581baca11660c2d96
SHA1 869bc22b61db4d287eb5fb875a93e50fc4fdc067
SHA256 ba9c77236832ae29d77139135099a5a9377d297d4a874fe4fab51b003768ce56
SHA512 ebf7e7304d7e04f4edb268267dc8ae0cf35c689d8aad293c05f7e9b61eb1d85d112beca9455f7a7aba0ac791e75e39f052530ea8497ebc19076631c201f32ee1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2efc713ac6138e7b3490d77740e7c831
SHA1 b7c7ba857efd04b71f0a72cd9490206236e084d6
SHA256 d8fff3d22d199ca55f59901022669a0e50d37a75dc3a3436ca3a6a8b7a1686cc
SHA512 be1b101dd92b0ca94ee7ef231b7f1d6bf11ac24c4580e39e54ef22c5cac5fd612b50377e637cd7d8db8d5f686da6fce42c5a12c093aab5d17d2807b6364c9357

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 170970bce0a2de4b698d1fa7833bd5c0
SHA1 f601fa0435f17a7ecba4672bbf6e09182f14b2b8
SHA256 f5439bfcdb84311e953858b9b4045f2eddb501f32abe9263da1d446825853898
SHA512 e900268a6104f7bdba0ec840eab84e91c0bf7eff5ba5dd9b644e0b0deae6405eeb951d2efd167cb3358562f2c2a9d9fb6d2d27626ead825697068434a4477c84

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 bdd52f7b4ac142f3753ef9887ffbcb76
SHA1 278702d2bffbaeb984d1ffc7ee61c8e7df575f99
SHA256 7a474a027451c5620cc5d5749c491cb2f494c944e232887556d5acebe3c58be4
SHA512 8e1558c3bdfa4c2f1c9fe229d3548cb4db42461797ba071ff7b73757cab71399e984ae7eafc4836d55822f0bf9a21eb807ca506bb0510ce3edae8fe36072394a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 1a0921c701fac01873c57465003079dc
SHA1 0ae677936b1b8f1a120fdd17bdfa99e339180bfa
SHA256 fa882c5e4b331361954e0c86c076bd272243a70392a4280ea47abe3b9e653325
SHA512 ae9f4a4dff88e800c86b77909de036e27944c659ad811c75c0f36003722da5a5e0414525c53d40f67eeda0c78c4bd0ff6cd860e7fe90e0e517f5d5c6b21855cc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index~RFe63fe4b.TMP

MD5 e09d5fd13136c0a115ba9d938c4589e4
SHA1 1e11c4ceed8b6f72f1541652962ec46eefc6ee67
SHA256 d4a84ab9ec777469473c2793f7783da03bb44846519acbdff99122d1b1d684ae
SHA512 2f64018a3813f82bd2fa4e06fe46d5d249f4d4f95fcd10585bd3e391732457762806f2c1910091d8910a87185cf516db3717dda42dd3d9751e8bf03235dfe214

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\Database\MANIFEST-000001

MD5 5af87dfd673ba2115e2fcf5cfdb727ab
SHA1 d5b5bbf396dc291274584ef71f444f420b6056f1
SHA256 f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4
SHA512 de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 15a5ec2364ff075a4b7965f74344014d
SHA1 fb3278b5f74f5adda3ca966785f694821844e468
SHA256 ba2fbd941df43ad1ffb2a4e947c9dca8802cf77479d995a7b0dd36095eddb4e8
SHA512 37f5efb35ff189f32b1ac24f1a70204715b96eb142c9cfe6fff009856867a17104af6696f6d9513b70e6c537f3d346aff7c3f14a2764aad37d12a39b340f3882

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c64c463ef3f722138f209bb35fefee5d
SHA1 e7f1aae0e3b8d66a881ed3483de9370dcaa8b145
SHA256 19c85aec24413821f38dfdbef781538a2fe58c8dde66c305010c4050a396fc13
SHA512 9d8d2ed0adb54d46e1ddd451c44153e85f3fcefc06a6a5463b633a16b756043e36431689e5be18be6f5fe1b00c2b42a8bb4fe69382461bf96886a23e12ad5e50

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 248b6c0dcc63f7c3136bd970683163a8
SHA1 22f863b078f22d0c2444af07da1329e0668c68be
SHA256 364fa330af9e096d758d05da4a096ad796eb744eb0db3c947d5b5b32bec8083f
SHA512 49479199dd4a9939da1413c30f14502c5e6a89c14a4eff6886ee8820e91f1c06644580fa29d1ac25d5e19db2bb7419ec3996e499809b0ece58ca3244a32bfae7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 583caab143390574ae5cb54ed6453d31
SHA1 9798dbf5d70e33f45a760645c636e85f055572cc
SHA256 5bd2d3276708370277f5c05f6afbb65ac4fdad04395409a1c45173514fb942e1
SHA512 fe124ea6f5092564cbf04d39e7b7e15f0635118d93bdb8aecbc01ee8c6874c6a94afb0d35ed979a4a4e52e8c30f995be02df934fcc12d51c3844de9a88dc5e91

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

MD5 efdf336c3d3a1adb92b2ad84b9e0ddf8
SHA1 d12684bf46d8efdc7fe65d72974a64f8cfc83aae
SHA256 a3b64fe67ea4be6fd1cad4f43ab347f08f3c05afd11552101ddc5f80fd3e31cc
SHA512 d47956132f95e0f8c31b0d8e8b23a7748b4fd39b6acf746e65600499bb6dac8bf3ba64843a090e41066de86eadd02aeb9c1ebd3ab9cdee4bd9d7867febbb696e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 5b20e0d754cf7d1526a3f0c12d261c3d
SHA1 6a7883550ede0f15095a9dc8a0f3e01974458090
SHA256 6b6469bb22622a02816d656acf4134cb87fe6cf4275f6234918f68d591d3348a
SHA512 55792ccbf0e91682b49514de5519fa47c6896de227fb3860831451061b4a02edde930c0d5066d20fe7eeb7f1bf088333190f6a0aa3e24b9ff77c73055b3a8d53

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2ea0526fea2a03e85f46be68ddaa7274
SHA1 c52192f2fc5851980e5bd1fc272a45df50c706c7
SHA256 404dbe68a4ea9d053ca5d892b031a1a7a880f7c1fe6e68aad8aa1093f7ac0a41
SHA512 75b689e693a557829e0b35233ca03fe4a63e18ec4cfe4524ed00cce6bbf4d46e91286c87fe7440e534ccc5bc52fe1ef8ec09e61faee02b5740b9a1da23fae5af

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\f_00003e

MD5 82a277ecf2f1ca88d6d87cb98232e5e0
SHA1 d670414f95da2b3fa8dd73975095bbdbc6c0d598
SHA256 311e065cef76ebc81c090e5cbe36e7b700192fe7ef542c92d555c8c7e9621381
SHA512 20a89b6997439e515f082442ec40349fbf1db04e9b81ceedde042366371aa8bfa018146be255f62619ed352cd275bd36eb56c09b2bfdf03c54136c30ee448630

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 433c72bfeee56b27bb73e150dfb91b78
SHA1 f1eb58bdab73f1a5ab1bd9f6bca096ee11a76daa
SHA256 945b7afe525344728f5323e585457e2594e23310ef4eea15b8613cc76e84a11c
SHA512 aeb7d0372c2d719c13954378d76287a9480316ee231364a0fc522864cb321188944a7e4100f76719f792c8f27055d0f57113fac2847993402169ebf3a0e53d73

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 7783b1dba397b40bbb236749fbb9e1b0
SHA1 c6fa9194cd51225d758780b928aaf8b0c41b09df
SHA256 b443a10c7e42106d64118f4b6aacb3d75985b5369f44fa66a087c0345568eab1
SHA512 6db06b56324b732d80ab26afda3be7a00d2cdab1606e28bc92481f758d9bb8c99ce14e78b36bd09c842981f1005c582f76ef25a7f5a54293b1e61bbf7ab1e4dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 87a24969ad20b1bb71cf17b662664fee
SHA1 ce61a1390a51c9dc44bbcedd34603e06536e6d4b
SHA256 91d1b9825d6abab93aee1225e3d927a71d09ee5467da7e3d2f1008f4817177f9
SHA512 cf35d05319ae13c9da5f71fe85faa342887c1ee954d4ed7f28aeb4e7dc2af8e227f3c06dc2c8afe1f273341e2c081c24ebb491d714481f06144b224a6060768b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 a0944255c999c6c90c2d2cc22d68624c
SHA1 d328209889814a28b22b60bc81085dd64c077b46
SHA256 c3078574adec7f3ca848bb1b8868b1b2466a49459d51dd8bcd08fce132213053
SHA512 b64d71c3a2323e97333e093524b190833a676966cc618571d8221fdcc96e6906d3052fbb966fcad6fd485f6856e3756d6b436786dac40e89cebee0f23b201c15

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 dc79ec6401def046dae0ea29a76bee18
SHA1 8c7dde4fe1e2d41ec498341bb2dd0764bb8f6827
SHA256 6f79180a3c399ef09dbacc2b4a73ca74ff600468db56dc614e92f25574555512
SHA512 4c61fd42335e031ddcfa72c076106c84b211d788cab777f3af615fda8f9b10fdb629a8fa2dd397a23ad155c317603909f316f6f013c9184528c8d62542bc92f8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e0ecef3050e605a79d5feefc6180dffc
SHA1 245ee6f4dae09bb5c2e494e2c307421af7faaf29
SHA256 d4d7a96b6fc37fd12352aa8ab3f907c40af4c96076f81a2e030ac87723b13c0c
SHA512 8cd2ec28766b6aac154100ccac381e2ab11563f693f2c8f7996ba2303b2a63edba58c849fa495d196d6c91fe68729b8fb100e59e79fa8704b0f31c542b097626

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 a84e15fcfac4fe170a62e3b480e7b9db
SHA1 e8e657c153eefe3ab37f397c3a246f01b23951c8
SHA256 d64ced0275c82aecbdf95937445a5453f047c17b9df1a99c712ba828563a85a3
SHA512 58323b6f84b2bddda8cac1fd8b2c1c47b50d03e16e483f2639bacf349f7f97fdc5ddf5a2181a3667fd022e71ca97bf7863f4f7dd18f6440452af515df13001c9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 f114a2ebd7bb6ca7ad0ddef6cd947c18
SHA1 060babe7882a2efce4ea7ba77cfa85a0936d58c7
SHA256 5ba6aa30467a60230bc72fa2eefa9ad0a75a7c36d5cbdb9628e47918dc7d13c7
SHA512 bc0dd4f2d4741d957244a464a280bca395154e4a5b155dac616977f079f113badb7c4031308661b8385d78e7447059e22b2393eef337c0924f22c87afda59cc6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 6c3d38d1b89d0f1f6f759ae53e0795b4
SHA1 8f3a564fd3a35a87c7331cb7095427c6af36f3c7
SHA256 21126cf254b82c8c3973044c8f8fdf4c058f299b3d20a9d56c591fc08031144b
SHA512 fd873362ab9f453ab2a6eb97a7075d03c53a2b953e2821c26c2aeb8fc485914c5595b7ebddc1171888eb61ac9529fffa414bc50d85af07a5608f96220ef08034

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 e53cf09aab327151081a9b3e6a0b44a8
SHA1 9c672e44071a008988caab2921674ddbc244b5f5
SHA256 33b622006ae467400c1248ad858096a0eedf96051ed8bb2f9b8d6d3feaaa8099
SHA512 f1fb2c4218a5d6b92b73ff1ea3450b0760184ecc5b4fd7377304a91fc25b0dd90f71a95326476577c6776259557442e77625975f732c146891477d069e3248c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 fea8f8e71c54d71b7d19c8496befee7d
SHA1 3d09323801c426b2db24bda09b8e20252556fc6e
SHA256 c71ba621dc25449d4aa6a9c5899c3f8f00bf8f19ae4fd4001978f6f6630716a8
SHA512 bdfa6acabe8901bcd1fb209daf7b1334b4a0786df9d15ddd4357035bf5180093a442a002551cd82928647a41e887261d83468bf36a7a914e35de25a53e13e00d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a7fa90433e566771eb824cf0abe572c9
SHA1 dd8b05e35083d8e987e62f74397ce6e22f5fdb35
SHA256 b19e6aca35ed3c15cdb5a9a9373574f3ec3365343bc3d38ef717bb6c66b173b8
SHA512 e4f9125347758fa0709f58502bb306b7fb6d8142ba4cecb60b679f54eb75193c2ec245d2f4bae463d09e7f3313b7685314dc0212b0c1e3ecd114ec8f62499795

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 8d3fc45b05ca432a0446c9637cdda4f5
SHA1 2577ea8430d2c289064df1b5f007411f92c00871
SHA256 338b3b7b99be8de2bc6d95abd2653f9f6b90b17b9bfdb18f88ef47ecae73b149
SHA512 93356aa666b73b40c6b11f393bf6e68dbb1882d7c40b5435559cd6db467836e468b7c9074b630d484b65a8ae715d87a21a7dd435a49fe4c3e37b00e7af6da757

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 df05e5895c128ff4d180d7f606943f16
SHA1 615997237499446a3065ed14265593ba87838931
SHA256 1dc9f28b3900efd9687cf4625c9ff62ccac1c0ee820d6392bbfe36fb0bf526c0
SHA512 f07c516046bd767b4d3f8fd088d2df9757e500c9a16851f102d89a4470f7537795dc283b4f63afeb8c015cca63841743d8fbbc5365a124f189d186c56616a746

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 079d771c6fea7a53445edee259db6061
SHA1 ab0ae1e0084b2fe1b930fe105fe69429aad0a066
SHA256 801c75bb951892cb4677a90b583399e8de4d60c301d6589d2298927888abdcea
SHA512 703b05e85fc87f395e1addc6147531d4b978bfc487ca74d478cad35e9b813a71d743db74e2e317157da7d6ac2902d4475ba29fae1ec5c12b48242dfb1074eb48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 ced45ae28536663c5ac4f24da15bf03d
SHA1 6328724008987afb591c023609ba9fd4b5278554
SHA256 c9b403f17223eb7183bfdb08bedc819ab52eeb64e7b9af2156642575e4756dd6
SHA512 2b37599895f6eac04763888be4ec2d5a41eb76dba4ba75f0bbce25ff4cc79394933d13d426dd5084fe8cc4790f8dfeddb18d5f33813ef6dd680d2a963b69468c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 86cf6395d5e78ea1e8bd5494b8d1c7f0
SHA1 b035e4a470f474010a51d0c909daf714c537c64f
SHA256 add4ab3e3046b85c6fbb3d3ce25cae0fee7c8ce3fb8366b10305df167eb5064b
SHA512 ac4fb750e0897e4666859b84556a50129283b0826e8d5512906a149f181c29b3ae6acf4fe9077f36fe54df6af466c4f5d65a66018ea985e0ac61133e99ceb841

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 19ba14ad45ed04bcc628276832e0c290
SHA1 db19ef22926497ed0c1f016b6ea20e8cd09fcdc8
SHA256 78bb58e654386c9b5b64eca9fbe89cf500ebc44d90574bcafe5ffa9f0aebf87a
SHA512 32494cc77b5cb7a94106d3e3275f893c4f89cc0cfb2329c5ef641346e4d78a515dc60b82efff94fa4f772c6d23386db5f4b7f6ebabc1b0231da6434b7669cf7e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 9a7b4d0c684ef6f16e58984d0cbe8d4d
SHA1 a63e05a2a79aac00df77ce191fb91011af8c32d3
SHA256 617a801adf1f413c243752eee2c530bc0e7c941a0fc8f513f79d6c84d64623c6
SHA512 2ef0f6f4d44afef2e5211df31949c97de1586d8d4f3cb147f848fba1d7c336f9efcf2b4cfd464a9263270504ad48e08007a0fccecee1e56911e97658489c6d7c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c4a063dabe52c9550eae0767c93f98cf
SHA1 c23c8f685f5add2364933d7b2fa1ddbf6d1a84b1
SHA256 34de055e2920cc29a654e8ceba6b1a35d6d82d56be8b344a865d030d54ad89b6
SHA512 a88e6cf04920003515388b5ec04bffc5eccf361d57b19824eedbc7ca3146e893eb07c051d45c3a917486cd07972e345209bf25c87254a451840bbb092baeb2de

memory/3572-2840-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2841-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2842-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2839-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2838-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2843-0x00007FFF59730000-0x00007FFF59740000-memory.dmp

memory/3572-2844-0x00007FFF59730000-0x00007FFF59740000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

MD5 7103944600326e90cd0fb8b03ae364b1
SHA1 a4820b9871e62d7602ca84fadbd10a146744530a
SHA256 ede112d778cc34a2a5b60c022991c96e20912473386114f54bdc00b272bbd43e
SHA512 3e9f10f294dc1b6ad971db5bf60aec12b49e6bfc520ac4cdc3f93e2caaa3a59c7210fc4dac36a31dfb303e2884a22677592b354264d3b8ef974437d4186a2e7a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 ebc863bd1c035289fe8190da28b400bc
SHA1 1e63d5bda5f389ce1692da89776e8a51fa12be13
SHA256 61657118abc562d70c10cbea1e8c92fab3a92739f5445033e813c3511688c625
SHA512 f21506feeed984486121a09c1d43d4825ec1ec87f8977fa8c9cd4ff7fe15a49f74dc1b874293409bd309006c7bbc81e1c4bcba8d297c5875ca009b02e6d2b7be

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8bdf8b19225e60a729c1c1263deaf665
SHA1 3d188eff99d1ccb7414ed7f2264c68bbca691678
SHA256 9cde361018c6ce8e898c86a6d9a43cef47429514333b5c30b088347ff1c4ae87
SHA512 972aecd6f715b1e4f3fbcdc7ec15e7b9b5d6a481782310203122ade2f543567c6ccfde5caa7f55cdd21fb781c4dc847f306448f051aa599f15c41cc9124e8e9a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 7dc922eece0fb526176b40c9f876040a
SHA1 10df04f7895a3bce8b82f4502525306c9f921e3d
SHA256 f9be6bcfdfbff59e541fa69ba444977ce699673b8256dfd6e7d99ece23d6f984
SHA512 5aa5c72afbb00d3cbe4bdc741a3f5711b7dc5399c354f940c8f91049b5fd2177c345aa92251591cd4ee8d0f8e39dc17161aa224cecf54e6d3469a19bc26944e9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 77c199fac539acfd4bd8286e52d25a4e
SHA1 84650871f16ce493ae6a148151724aa86ae71239
SHA256 513e92cc5fd1dadb437dc9cc4cff7fcc21a7d98a7850a560706585a2ed2f047f
SHA512 0dd50b9d5714874bd5abbbf67d3af26ccc65b974b58c765a1f6e6a447c074ba1698eb51e094343cb72838df21c81e38a30281c6ddd0611050190ae9b5ba7b0b9

memory/3572-2966-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2967-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2964-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

memory/3572-2965-0x00007FFF5BB10000-0x00007FFF5BB20000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 832d5294de89ada7a0b94cbe35051575
SHA1 02c9691678320be3e5df856091c499493dd0766d
SHA256 d97fc856766fa9c28d96e912e5025742cd48499283c954cb24da966516bea091
SHA512 c272827bc77281f0a9200b8f60a5d7274a6102bb5368b0c7c36a4faf719a02fdda87f78a01b99d8690e5653454da2ad39d8ea14e727fb5176ec5c1006c3da8ed

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 1baa4e1bb060ebd9e96f83b44fd48961
SHA1 9c54da8e3abb5d3582352e204a5bb2b5a8c3cb13
SHA256 534175973f8044198215d439283fdef5ac80f1c86b2637fcabc7bdb29a2424a3
SHA512 579ca6d0e3e85fe6a84372e12560cbfd3fb0845e209aed22bf035b2a6c03753632a1fa91b8c01718a528f07323b56e654e495e89978ba3a34ad8b4efc7675847

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 0a6e8d278716c9191a83211543d5951d
SHA1 5dac14b57f0445d0d4df834e445c8737c254e88b
SHA256 093e0d3d0e64d1b2c6e86eaf170847dafb6a6add811f3aa24488f837a0d69ed4
SHA512 77b89cb7b4bcbba2b6fbe92618525e0eb832cb1ec587bf201869b353f8b59a06aefbc09c6e0e44fa0693a4b80a54a5540f801f8694274d207a5199955282c4b2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8d69096a0464b93e5a8e5fbe9103ec03
SHA1 98ba70626f5726da1be35871de6111511d4e0d79
SHA256 8e98ba5e1f0631d30f7c8607f027c1b8367ee0effe0747ebe9fb402815c35afa
SHA512 a4cf183f916aefd66aa134a199207d6428f4f21213a526c63cc1438b22cb1c711fdb8198481934845849ef5dcc2605b21c00a11e6463a4d9eff63a288718ddf7

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\TransportSecurity

MD5 0599f2be538321409a65634ac18e13cb
SHA1 e8d4f934fdbc8db10169ad6c7563298c59735037
SHA256 b95335caf701aa648695da8b69d029151a927c3af0d56e94f27bab3790d69c57
SHA512 78d566d377e9ff16c6f281f9b87a8938c5d8f41154f976b5e731fd4cfd96d2e788cca6d7a48487525510d6000f4b2b326ac997825f11dedb0edfd8b2f010d601

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 6fab6c1f9ed17342f7f928e79557ede3
SHA1 04c9bb808383656fa15d97708d2bd6263cca3f36
SHA256 5f6f3b0c249585969205c2cf91ac0a45304ac77b7b49ec0f0635fba37ff50b70
SHA512 90340fdb1380a530f1c0b1bcf49707f3bb05b4b887daefd53c3d09159037e28e9e8d851a762afb07dc9abbb6c9eb322713bd9e986eefa1bc608272085ee85d99

Analysis: behavioral3

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 16:45

Platform

android-x86-arm-20240611.1-en

Max time network

4s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
GB 142.250.180.14:443 tcp
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral5

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 16:45

Platform

android-x64-arm64-20240611.1-en

Max time network

6s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral6

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 17:15

Platform

macos-20240611-en

Max time kernel

404s

Max time network

1541s

Command Line

[sh -c sudo /bin/zsh -c "/Users/run/213ole.txt"]

Signatures

Resource Forking

evasion
Description Indicator Process Target
N/A /System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy N/A N/A

Processes

/bin/sh

[sh -c sudo /bin/zsh -c "/Users/run/213ole.txt"]

/bin/bash

[sh -c sudo /bin/zsh -c "/Users/run/213ole.txt"]

/usr/bin/sudo

[sudo /bin/zsh -c /Users/run/213ole.txt]

/usr/libexec/xpcproxy

[xpcproxy com.apple.pluginkit.pkd]

/usr/libexec/pkd

[/usr/libexec/pkd]

/bin/zsh

[/bin/zsh -c /Users/run/213ole.txt]

/Users/run/213ole.txt

[/Users/run/213ole.txt]

/bin/sh

[sh /Users/run/213ole.txt]

/bin/bash

[sh /Users/run/213ole.txt]

/usr/libexec/xpcproxy

[xpcproxy com.apple.sysmond]

/usr/libexec/xpcproxy

[xpcproxy com.apple.secinitd]

/usr/libexec/secinitd

[/usr/libexec/secinitd]

/usr/libexec/sysmond

[/usr/libexec/sysmond]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.systemsoundserverd]

/usr/sbin/systemsoundserverd

[/usr/sbin/systemsoundserverd]

/usr/libexec/xpcproxy

[xpcproxy com.apple.pbs]

/System/Library/CoreServices/pbs

[/System/Library/CoreServices/pbs]

/usr/libexec/xpcproxy

[xpcproxy com.apple.audio.AudioComponentRegistrar]

/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar

[/System/Library/Frameworks/AudioToolbox.framework/AudioComponentRegistrar -daemon]

/usr/bin/pluginkit

[/usr/bin/pluginkit -e ignore -i com.microsoft.OneDrive.FinderSync]

/usr/sbin/spctl

[/usr/sbin/spctl --assess --type execute /var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/T/OneDriveUpdater0B4C966A/OneDrive.app]

/usr/sbin/spctl

[/usr/sbin/spctl --assess --type execute /Applications/OneDrive.app]

/usr/libexec/xpcproxy

[xpcproxy com.apple.bird]

/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird

[/System/Library/PrivateFrameworks/CloudDocsDaemon.framework/Versions/A/Support/bird]

/bin/launchctl

[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveUpdaterDaemon]

/bin/launchctl

[/bin/launchctl kill SIGTERM system/com.microsoft.OneDriveStandaloneUpdaterDaemon]

/usr/libexec/xpcproxy

[xpcproxy com.apple.corespotlightservice.725FD30A-6064-6C02-CC51-5DDB8891B57E]

/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService

[/System/Library/Frameworks/CoreSpotlight.framework/CoreSpotlightService]

/usr/libexec/xpcproxy

[xpcproxy com.apple.security.cloudkeychainproxy3]

/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy

[/System/Library/Frameworks/Security.framework/Versions/A/Resources/CloudKeychainProxy.bundle/Contents/MacOS/CloudKeychainProxy]

/usr/libexec/xpcproxy

[xpcproxy com.apple.AccountPolicyHelper]

/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper

[/System/Library/PrivateFrameworks/AccountPolicy.framework/XPCServices/com.apple.AccountPolicyHelper.xpc/Contents/MacOS/com.apple.AccountPolicyHelper]

/usr/libexec/xpcproxy

[xpcproxy com.apple.spindump]

/usr/sbin/spindump

[/usr/sbin/spindump]

/usr/libexec/xpcproxy

[xpcproxy com.apple.diagnosticd]

/usr/libexec/diagnosticd

[/usr/libexec/diagnosticd]

Network

Country Destination Domain Proto
US 151.101.3.6:443 tcp
US 151.101.195.6:443 tcp
US 8.8.8.8:53 h3.apis.apple.map.fastly.net udp
US 8.8.8.8:53 mobile.events.data.trafficmanager.net udp
US 20.189.173.6:443 tcp
US 8.8.8.8:53 api.apple-cloudkit.fe2.apple-dns.net udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 mobile.events.data.trafficmanager.net udp
US 104.208.16.88:443 mobile.events.data.trafficmanager.net tcp
US 8.8.8.8:53 cds.apple.com udp
GB 104.82.128.95:443 cds.apple.com tcp
US 8.8.8.8:53 help.apple.com udp
DE 23.32.101.152:443 help.apple.com tcp
DE 23.32.101.152:443 help.apple.com tcp
GB 17.57.146.12:5223 tcp
US 8.8.8.8:53 6-courier.push.apple.com udp
GB 17.57.146.154:5223 6-courier.push.apple.com tcp
GB 17.57.146.150:5223 6-courier.push.apple.com tcp
US 8.8.8.8:53 lb._dns-sd._udp.0.0.127.10.in-addr.arpa udp

Files

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsObject.db

MD5 d3a1859e6ec593505cc882e6def48fc8
SHA1 f8e6728e3e9de477a75706faa95cead9ce13cb32
SHA256 3ebafa97782204a4a1d75cfec22e15fcdeab45b65bab3b3e65508707e034a16c
SHA512 ea2a749b105759ea33408186b417359deffb4a3a5ed0533cb26b459c16bb3524d67ede5c9cf0d5098921c0c0a9313fb9c2672f1e5ba48810eda548fa3209e818

/var/folders/pq/yy2b5ptn4cz739jgclj4m1wm0000gp/C//mds/mdsDirectory.db

MD5 0e4a0d1ceb2af6f0f8d0167ce77be2d3
SHA1 414ba4c1dc5fc8bf53d550e296fd6f5ad669918c
SHA256 cca093bcfc65e25dd77c849866e110df72526dffbe29d76e11e29c7d888a4030
SHA512 1dc5282d27c49a4b6f921ba5dfc88b8c1d32289df00dd866f9ac6669a5a8d99afeda614bffc7cf61a44375ae73e09cd52606b443b63636977c9cd2ef4fa68a20

Analysis: behavioral7

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 16:45

Platform

ubuntu1804-amd64-20240611-en

Max time kernel

0s

Max time network

3s

Command Line

[/tmp/213ole.txt]

Signatures

N/A

Processes

/tmp/213ole.txt

[/tmp/213ole.txt]

Network

Country Destination Domain Proto
N/A 224.0.0.251:5353 udp

Files

N/A

Analysis: behavioral10

Detonation Overview

Submitted

2024-06-17 16:44

Reported

2024-06-17 16:45

Platform

debian9-mipsel-20240226-en

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A