Malware Analysis Report

2024-09-23 04:23

Sample ID 240617-wz98vstamk
Target ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed
SHA256 ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed
Tags
metasploit backdoor trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed

Threat Level: Known bad

The file ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed was found to be: Known bad.

Malicious Activity Summary

metasploit backdoor trojan

MetaSploit

Unsigned PE

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-06-17 18:22

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-17 18:22

Reported

2024-06-17 18:42

Platform

win7-20240221-en

Max time kernel

840s

Max time network

840s

Command Line

"C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe"

Signatures

MetaSploit

trojan backdoor metasploit

Processes

C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe

"C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe"

Network

Country Destination Domain Proto
US 192.210.162.147:80 tcp
US 192.210.162.147:80 tcp

Files

memory/2276-0-0x00000000003F0000-0x00000000003F1000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-17 18:22

Reported

2024-06-17 18:42

Platform

win10v2004-20240611-en

Max time kernel

911s

Max time network

1178s

Command Line

"C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe"

Signatures

MetaSploit

trojan backdoor metasploit

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133631221915643158" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2568 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 4984 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3916 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 1404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 1404 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2568 wrote to memory of 3700 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe

"C:\Users\Admin\AppData\Local\Temp\ad1cbe205954a376de542fe8cdd6e971037386eb8afe86fee310555c6cf5a1ed.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ff9d911ab58,0x7ff9d911ab68,0x7ff9d911ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1804 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2136 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2160 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3064 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3076 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4348 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4356 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4644 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4636 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4804 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4996 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4908 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=3100 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=3152 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4640 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5208 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5304 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3064 --field-trial-handle=1816,i,11534103217645974023,18037204571584831639,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 g.bing.com udp
US 204.79.197.237:443 g.bing.com tcp
BE 88.221.83.226:443 www.bing.com tcp
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 20.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 73.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 226.83.221.88.in-addr.arpa udp
US 192.210.162.147:80 tcp
US 8.8.8.8:53 www.google.com udp
US 8.8.8.8:53 195.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 10.180.250.142.in-addr.arpa udp
GB 142.250.187.196:443 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 196.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com udp
US 8.8.8.8:53 46.169.217.172.in-addr.arpa udp
US 8.8.8.8:53 clients2.google.com udp
GB 142.250.187.206:443 clients2.google.com udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 206.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 msn.com udp
US 204.79.197.219:443 msn.com tcp
US 204.79.197.219:443 msn.com tcp
US 8.8.8.8:53 www.msn.com udp
US 8.8.8.8:53 219.197.79.204.in-addr.arpa udp
US 8.8.8.8:53 assets.msn.com udp
US 2.18.27.86:443 assets.msn.com tcp
US 2.18.27.86:443 assets.msn.com tcp
US 2.18.27.86:443 assets.msn.com tcp
US 2.18.27.86:443 assets.msn.com tcp
US 2.18.27.86:443 assets.msn.com tcp
US 2.18.27.86:443 assets.msn.com tcp
US 8.8.8.8:53 img-s-msn-com.akamaized.net udp
US 8.8.8.8:53 sb.scorecardresearch.com udp
US 8.8.8.8:53 th.bing.com udp
US 2.22.144.39:443 img-s-msn-com.akamaized.net tcp
GB 18.165.242.110:443 sb.scorecardresearch.com tcp
BE 88.221.83.251:443 th.bing.com tcp
US 8.8.8.8:53 c.bing.com udp
US 8.8.8.8:53 c.msn.com udp
IE 68.219.88.97:443 c.msn.com tcp
US 204.79.197.237:443 c.bing.com tcp
BE 88.221.83.251:443 www.bing.com tcp
US 8.8.8.8:53 86.27.18.2.in-addr.arpa udp
US 8.8.8.8:53 110.242.165.18.in-addr.arpa udp
US 8.8.8.8:53 39.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 251.83.221.88.in-addr.arpa udp
US 8.8.8.8:53 97.88.219.68.in-addr.arpa udp
US 8.8.8.8:53 browser.events.data.msn.com udp
US 20.189.173.11:443 browser.events.data.msn.com tcp
US 8.8.8.8:53 content-autofill.googleapis.com udp
GB 142.250.187.234:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 srtb.msn.com udp
US 8.8.8.8:53 11.173.189.20.in-addr.arpa udp
US 8.8.8.8:53 234.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 mem.gfx.ms udp
BE 88.221.83.251:443 www.bing.com tcp
US 8.8.8.8:53 btloader.com udp
US 8.8.8.8:53 acdn.adnxs.com udp
US 8.8.8.8:53 confiant.msn.com udp
US 13.107.246.64:443 mem.gfx.ms tcp
US 151.101.129.108:443 acdn.adnxs.com tcp
US 104.22.74.216:443 btloader.com tcp
US 23.220.112.26:443 confiant.msn.com tcp
US 8.8.8.8:53 login.microsoftonline.com udp
NL 20.190.160.17:443 login.microsoftonline.com tcp
BE 88.221.83.251:443 www.bing.com udp
US 8.8.8.8:53 js.monitor.azure.com udp
US 8.8.8.8:53 ib.adnxs-simple.com udp
US 8.8.8.8:53 api.btloader.com udp
US 8.8.8.8:53 ad-delivery.net udp
US 13.107.246.64:443 js.monitor.azure.com tcp
DE 37.252.171.85:443 ib.adnxs-simple.com tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 104.26.3.70:443 ad-delivery.net tcp
US 130.211.23.194:443 api.btloader.com tcp
US 13.107.246.64:443 js.monitor.azure.com tcp
US 130.211.23.194:443 api.btloader.com udp
NL 20.190.160.17:443 login.microsoftonline.com tcp
US 8.8.8.8:53 fra1-ib.adnxs-simple.com udp
US 8.8.8.8:53 aadcdn.msftauth.net udp
US 8.8.8.8:53 64.246.107.13.in-addr.arpa udp
US 8.8.8.8:53 108.129.101.151.in-addr.arpa udp
US 8.8.8.8:53 216.74.22.104.in-addr.arpa udp
US 8.8.8.8:53 26.112.220.23.in-addr.arpa udp
US 8.8.8.8:53 17.160.190.20.in-addr.arpa udp
US 8.8.8.8:53 70.3.26.104.in-addr.arpa udp
US 8.8.8.8:53 194.23.211.130.in-addr.arpa udp
US 8.8.8.8:53 6.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 85.171.252.37.in-addr.arpa udp
US 8.8.8.8:53 26.144.22.2.in-addr.arpa udp
US 152.199.21.175:443 aadcdn.msftauth.net tcp
BE 88.221.83.251:443 www.bing.com udp
US 8.8.8.8:53 trace-eu.mediago.io udp
NL 35.214.168.80:443 trace-eu.mediago.io tcp
NL 35.214.168.80:443 trace-eu.mediago.io tcp
US 8.8.8.8:53 images.mediago.io udp
US 34.111.60.239:443 images.mediago.io tcp
US 34.111.60.239:443 images.mediago.io tcp
US 8.8.8.8:53 googleads.g.doubleclick.net udp
US 8.8.8.8:53 ox-rtb-europe-west4.openx.net udp
US 8.8.8.8:53 pixel.adsafeprotected.com udp
US 8.8.8.8:53 cdn.adnxs-simple.com udp
US 8.8.8.8:53 protected-by.clarium.io udp
US 34.98.84.165:443 ox-rtb-europe-west4.openx.net tcp
US 151.101.1.108:443 cdn.adnxs-simple.com tcp
US 44.219.103.25:443 pixel.adsafeprotected.com tcp
NL 35.214.168.80:443 trace-eu.mediago.io tcp
GB 142.250.200.34:443 googleads.g.doubleclick.net tcp
IE 34.247.144.123:443 protected-by.clarium.io tcp
US 8.8.8.8:53 aadcdn.msauth.net udp
US 13.107.246.64:443 aadcdn.msauth.net tcp
US 8.8.8.8:53 175.21.199.152.in-addr.arpa udp
US 8.8.8.8:53 239.60.111.34.in-addr.arpa udp
US 8.8.8.8:53 165.84.98.34.in-addr.arpa udp
US 8.8.8.8:53 108.1.101.151.in-addr.arpa udp
US 8.8.8.8:53 194.187.250.142.in-addr.arpa udp
US 8.8.8.8:53 80.168.214.35.in-addr.arpa udp
US 8.8.8.8:53 34.200.250.142.in-addr.arpa udp
US 8.8.8.8:53 123.144.247.34.in-addr.arpa udp
US 8.8.8.8:53 25.103.219.44.in-addr.arpa udp
GB 142.250.200.34:443 googleads.g.doubleclick.net udp
US 8.8.8.8:53 tpc.googlesyndication.com udp
US 8.8.8.8:53 s0.2mdn.net udp
US 8.8.8.8:53 static.adsafeprotected.com udp
GB 172.217.16.225:443 tpc.googlesyndication.com tcp
GB 216.58.204.70:443 s0.2mdn.net tcp
GB 18.245.253.12:443 static.adsafeprotected.com tcp
GB 172.217.16.225:443 tpc.googlesyndication.com udp
NL 35.214.168.80:443 trace-eu.mediago.io udp
US 34.111.60.239:443 images.mediago.io udp
US 8.8.8.8:53 dt.adsafeprotected.com udp
US 52.200.217.37:443 dt.adsafeprotected.com tcp
US 52.200.217.37:443 dt.adsafeprotected.com tcp
US 8.8.8.8:53 browser.events.data.microsoft.com udp
US 8.8.8.8:53 4.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 225.16.217.172.in-addr.arpa udp
US 8.8.8.8:53 70.204.58.216.in-addr.arpa udp
US 8.8.8.8:53 12.253.245.18.in-addr.arpa udp
US 8.8.8.8:53 37.217.200.52.in-addr.arpa udp
US 8.8.8.8:53 86.23.85.13.in-addr.arpa udp
JP 13.78.111.199:443 browser.events.data.microsoft.com tcp
JP 13.78.111.199:443 browser.events.data.microsoft.com tcp
US 8.8.8.8:53 199.111.78.13.in-addr.arpa udp
US 8.8.8.8:53 206.23.85.13.in-addr.arpa udp
US 8.8.8.8:53 21.121.18.2.in-addr.arpa udp
US 8.8.8.8:53 23.236.111.52.in-addr.arpa udp
US 8.8.8.8:53 81.144.22.2.in-addr.arpa udp
US 8.8.8.8:53 170.117.168.52.in-addr.arpa udp

Files

memory/4156-0-0x0000000000B40000-0x0000000000B41000-memory.dmp

\??\pipe\crashpad_2568_JYTXGQTCHZQOEWHB

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 c44ca9ece15179e3a16de1a9fe993c03
SHA1 68c89ffc1acefd8a9478f7496a839ddd5efef7f8
SHA256 02b0719673c93c9932059a40814ff75e3ce3c79055ef7cbd76d0a18ef41bdde5
SHA512 48e4ef71191bf79f509e55246c204333cdb17e7ee7c76d80fc1cb5e71d8efe6553fddd3b10696dd2c19f9aaff5a05e687eaa680f1c94129e04d72ba37a28ef45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\dd2f7129-8ea8-4cfc-9664-12be18ed3c4c.tmp

MD5 869dc17793c79e4b868262e27a58f9da
SHA1 ee7584812652698fa65152760790f40490792f7e
SHA256 4c0cdaf0a6f34572754b2da1352d368dcbd37cdc18520b8e4fe9bafb643b6b87
SHA512 6136ac2f57623e936d49b053bf455adba81fb203b858e5bbfc44e3ec47ae645d5f44a7c1fe1d04aa4239ed6b22976b896cc356ac9657e2f2e77ab01050cba162

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b3b0e1790feab90e8aba8a80d03d7bc0
SHA1 220d85c0f33d946e2058c5d13ed2e722e46b3350
SHA256 a81271cf8e74759f3feacbe048e8e36f87876ecb8e190bc7610324e4a74b767d
SHA512 d255bf0c9c311065ee2ecda02d95c85b1b898903f088dbaa9656aade422b12c28058a83cd79310915213a7c683bc7fc82d16531f2838bf176d4c31f781aab0db

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

MD5 2b36a283d3609ac8cf34ead0b555ba27
SHA1 e202f4b306782f812450388e809502bdb4c643c7
SHA256 de403d116d87586dddaa41f20ee3cee8a2ae8229edeb0fa12c5c56b14c15cf26
SHA512 b306b07bd6a31857b5c5b93ec3adf8c82cba6870d574f946e8b7f3b19a6dfc86dd4826286453e1c6fd21ecf18ff9435ec4d979e3c6d4ad903003b5bacd977700

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 90a7bb084a87470a3f3ff962b5120001
SHA1 4b456a8fa1f58f0355f9eedca97f08b7935ef6b5
SHA256 b79c68af8a15298c03d585c4765c0527c6ee802f2231118b1f6c3b3f9fa6f7d7
SHA512 f6b9e3c0802c44ed18b95f8f94860b726be272608341fb79066febcc9dbcedd1f520489ed8ac6ed30c0e385248c541f371d89531826a20024e120133958a7596

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 c2aef14b54167bb0219dd414af09b6c4
SHA1 c53f4c1f31e5a42b038b9ebff7dc4ed32bf78964
SHA256 2ae1a09094f6fe3059c1164bec9a68fa142fa6eae1f0d6763d0d1c0836d60ce3
SHA512 e18ff43e0adb9bc974b09e02645b268775c967bfa1e694b111d6ad10d20f845bf8b017e2df2bd4a11eaa368d402252c3d6fcc83691e23b6181bbd93a2093fbe6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e01b08c49be357f339333538dd9de1fe
SHA1 0f27f4bcdc869d6ff76455487855fa029dfbac7c
SHA256 fa7052828361184b176066e967a0babe2979c1e3d2c83d1b989d16a8a661c16c
SHA512 668629608a7d380412a4c5cfae857864eba3c1260fff2d6bea21d7a49df953f9815e19c3ea4921f9299afbee0f9099fa2e2e0e92dccccd476aa947b07726b9e1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ff5d30ca9861d2a721be04ccf6c61560
SHA1 7d105b3bbe8110c0bfbf1390f6b294ed688274c0
SHA256 8016d96bebeb94cad3e6fe191d698e1cddd5340a7f78e208351d7a743a531b44
SHA512 68e2db8d6b7a756dffa88ade24092768aa80b558c58e797b59fb6a48d32445b42e35d33c7393632a81a9e82e8e6a354ba6831b0d4851333032dc8ad0f045e542

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt

MD5 99424c7667bf3efaf860001702cf21ac
SHA1 92f8899daea4f9d8471eb6ec683ab08e0c873fbc
SHA256 fa3a39398a6e884e95fc6c6445048839e81344d285727da2ab527200cc16a7a8
SHA512 504b47f461d6b4dca5ab8eec1a2f2351d51631d037a9311a453ff8cb8b7e023d23d047ae9eb169abfaf6626230903cc1dc3c9897715769217b0b69e4f1e1cdf6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\70fdbe69-b9b9-40a0-a319-b9262e3a63c1\index-dir\the-real-index

MD5 049526f129c20ea3a0834ff8e02fa246
SHA1 7b6b9da469d802c3dae60f54c2ef155f45a4dfc3
SHA256 0f530f95477136a31f61a7a5cb50a56eebb8065ccc2a9b2a4d51898dae755d5b
SHA512 57fff69069561bf8867ea47273529dbb299eb56071683049ac37cd99ae0923615e0706dd7c923dcc66a860b4d6c488dfe485cf21fbc72f2fdcc1d0b572281879

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\70fdbe69-b9b9-40a0-a319-b9262e3a63c1\index-dir\the-real-index~RFe57a73c.TMP

MD5 fbc47d344c40bd99a659c87970b3e597
SHA1 237112bd86eca55bce126f2f79074643f3b54ce7
SHA256 26ab91c4451f1b538be5ff44f0a5e306face2e620838466ba6fde91851031d19
SHA512 e3bc742f5f2d02fc2e01e206b6143f00399804dfd16caf71b6583d8d7ccf1ede1b51a0772cb3431494c93440a068433175ae88b9ddee496599c823e8e4ec3e0e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\c1eb0cde2406b6af565f825dcd492589d40ab644\index.txt

MD5 0b541e7d2243c3d09d6aa081446e6230
SHA1 c86549d011d82ff21df8bcb27a5b0797a070d7e0
SHA256 7cfcee1bb8a83e03cd4370fe9aeacbdf20a73c4c26e2d3a6cf4c384706e9b10d
SHA512 a32fe1ffecc674a0d7fe3b1c1541c58b72cb1458acb4bd594b3d9a09aaf72bd51ede98b0f6c2e0d651b6b31aa6dd759426678edac67ebb8b6764b4f58140df2a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 efe4547e6b97e92f12fe8e613128c5ee
SHA1 cc08cf97f1dfb073aaa6730d92e26693e6d21a6c
SHA256 8f3d6a68202253bd473002723787222dc73186fa75663edb0af24e3a79088716
SHA512 b5e449eebb626a30584abc4d14fe56993d4c75acfb91a9fff2ffd8754686bf8041ad98269090f2d1d44826a90321af5254050515170dcf9bc6574e883efaedb3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 976245b95653c695ad02f4c770110c28
SHA1 eed6988674ee8101366eb1279ce5aac70b89005f
SHA256 38c2be0e82c6bf8785b15791678d1e3f13ef6b4064e269a750356c8172d17f73
SHA512 93da846e0eb70cd16b038c3fcb6a5cf1d461e73875597a53f41b68fba32897178b5feac854867bb3861919cb5fae09a279a7066f10015c2772d3be218f913070

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58