Malware Analysis Report

2024-09-09 18:06

Sample ID 240618-nsjtbs1hrg
Target 36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73
SHA256 36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73
Tags
discovery persistence privilege_escalation spyware stealer
score
7/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
7/10

SHA256

36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73

Threat Level: Shows suspicious behavior

The file 36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73 was found to be: Shows suspicious behavior.

Malicious Activity Summary

discovery persistence privilege_escalation spyware stealer

Reads user/profile data of web browsers

Boot or Logon Autostart Execution: Active Setup

Event Triggered Execution: Image File Execution Options Injection

Event Triggered Execution: Component Object Model Hijacking

Checks computer location settings

Loads dropped DLL

Executes dropped EXE

Checks installed software on the system

Drops file in Program Files directory

Enumerates physical storage devices

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies registry class

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-06-18 11:39

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-18 11:39

Reported

2024-06-18 11:42

Platform

win7-20240221-en

Max time kernel

149s

Max time network

139s

Command Line

"C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe"

Signatures

Reads user/profile data of web browsers

spyware stealer

Boot or Logon Autostart Execution: Active Setup

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96} C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\ = "Google Chrome" C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\StubPath = "\"C:\\Program Files\\Google\\Chrome\\Application\\109.0.5414.120\\Installer\\chrmstp.exe\" --configure-user-settings --verbose-logging --system-level" C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Localized Name = "Google Chrome" C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\IsInstalled = "1" C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Active Setup\Installed Components\{8A69D345-D564-463c-AFF1-A69D9E530F96}\Version = "43,0,0,0" C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\Software\Microsoft\Active Setup\Installed Components C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\USER\S-1-5-21-1298544033-3225604241-2703760938-1000\Control Panel\International\Geo\Nation C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Checks installed software on the system

discovery

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_de.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ja.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_sl.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_mr.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_lv.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\MEIPreload\manifest.json C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_id.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\sl.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\VisualElements\Logo.png C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleCrashHandler64.exe C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_iw.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_hr.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\v8_context_snapshot.bin C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\eventlog_provider.dll C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\chrmstp.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_sr.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateCore.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\gu.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\sv.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\he.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\chrome.dll C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Application\chrome_proxy.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_is.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_am.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_es.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\default_apps\external_extensions.json C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_hr.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\ro.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_cs.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_et.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_sl.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\VisualElements\SmallLogoCanary.png C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\fr.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ar.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_sv.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ur.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\CHROME.PACKED.7Z C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\VisualElements\SmallLogoDev.png C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\MEIPreload\preloaded_data.pb C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\nacl_irt_x86_64.nexe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\VisualElements\SmallLogoBeta.png C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdateComRegisterShell64.exe C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\ms.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\zh-CN.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\vk_swiftshader_icd.json C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\hu.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\chrome.VisualElementsManifest.xml C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2420_1960463748\manifest.json C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_fil.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_lt.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\chrome_100_percent.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\bg.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files\chrome_ComponentUnpacker_BeginUnzipping2420_1960463748\LICENSE C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_bg.dll C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateSetup.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateBroker.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\chrome.exe.sig C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File opened for modification C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\psuser_64.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_el.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_th.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ur.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files\Google\Chrome\Temp\source2100_1010662632\Chrome-bin\109.0.5414.120\Locales\kn.pak C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_gu.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateOnDemand.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Loads dropped DLL

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A N/A N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateOnDemand.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{FE908CDD-22BB-472A-9870-1A0390E42F36}\ = "IAppBundle" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.PolicyStatusMachine\CLSID\ = "{521FDB42-7130-4806-822A-FC5163FAD983}" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{8476CE12-AE1F-4198-805C-BA0F9B783F57}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{598FE0E5-E02D-465D-9A9D-37974A28FD42} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\.pdf\OpenWithProgids C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3D05F64F-71E3-48A5-BF6B-83315BC8AE1F}\ = "IAppCommand2" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{9B2340A0-4068-43D6-B404-32E27217859D}\ = "Google Update Core Class" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.Update3COMClassService.1.0\CLSID\ = "{4EB61BAC-A3B6-4760-9581-655041EF4D69}" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{4EB61BAC-A3B6-4760-9581-655041EF4D69} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D}\ = "ICoCreateAsyncStatus" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.OnDemandCOMClassMachine\ = "Google Update Broker Class Factory" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8476CE12-AE1F-4198-805C-BA0F9B783F57}\NumMethods\ = "11" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\NumMethods\ = "8" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.Update3WebSvc\CurVer\ = "GoogleUpdate.Update3WebSvc.1.0" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{BCDCB538-01C0-46D1-A6A7-52F4D021C272}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DD42475D-6D46-496A-924E-BD5630B4CBBA}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ = "ICurrentState" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\ChromeHTML\Application\ApplicationName = "Google Chrome" C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{34527502-D3DB-4205-A69B-789B27EE0414}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{49D7563B-2DDB-4831-88C8-768A53833837}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.CoCreateAsync.1.0\ = "CoCreateAsync" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}\InProcServer32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B}\ = "IGoogleUpdate" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}\ = "PSFactoryBuffer" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{D106AB5F-A70E-400E-A21B-96208C1D8DBB} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.OnDemandCOMClassMachineFallback\ = "Google Update Legacy On Demand" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{ADDF22CF-3E9B-4CD7-9139-8169EA6636E4}\Elevation\IconReference = "@C:\\Program Files (x86)\\Google\\Update\\1.3.36.82\\goopdate.dll,-1004" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.Update3WebSvc\ = "GoogleUpdate Update3Web" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{534F5323-3569-4F42-919D-1E1CF93E5BF6} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\LOCALSERVER32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{E225E692-4B47-4777-9BED-4FD7FE257F0E}\VersionIndependentProgID\ = "GoogleUpdate.CoreClass" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221}\ = "IAppCommand" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{6DB17455-4E85-46E7-9D23-E555E4B005AF}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{9465B4B4-5216-4042-9A2C-754D3BCDC410}\LocalService = "gupdatem" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{8476CE12-AE1F-4198-805C-BA0F9B783F57}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\ = "ICredentialDialog" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\ = "IPolicyStatus" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\ = "ICredentialDialog" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\VERSIONINDEPENDENTPROGID C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\Software\Classes\CLSID\{A2C6CB58-C076-425C-ACB7-6D19D64428CD} C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ = "IProcessLauncher" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5B25A8DC-1780-4178-A629-6BE8B8DEFAA2}\NumMethods\ = "4" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
Token: 33 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe N/A
Token: SeIncBasePriorityPrivilege N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2156 wrote to memory of 2556 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe
PID 2156 wrote to memory of 2556 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe
PID 2156 wrote to memory of 2556 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe
PID 2156 wrote to memory of 2556 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe
PID 2156 wrote to memory of 2556 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe
PID 2156 wrote to memory of 2556 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe
PID 2156 wrote to memory of 2556 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe
PID 2556 wrote to memory of 1752 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1752 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1752 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1752 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1752 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1752 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1752 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 2024 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 2024 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 2024 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 2024 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 2024 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 2024 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 2024 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2024 wrote to memory of 792 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 792 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 792 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 792 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 688 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 688 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 688 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 688 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 1852 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 1852 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 1852 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2024 wrote to memory of 1852 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2556 wrote to memory of 1664 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1664 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1664 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1664 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1664 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1664 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 1664 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 112 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 112 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 112 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 112 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 112 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 112 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2556 wrote to memory of 112 N/A C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2336 wrote to memory of 3052 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe
PID 2336 wrote to memory of 3052 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe
PID 2336 wrote to memory of 3052 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe
PID 2336 wrote to memory of 3052 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe
PID 3052 wrote to memory of 2100 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 3052 wrote to memory of 2100 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 3052 wrote to memory of 2100 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 2100 wrote to memory of 2868 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 2100 wrote to memory of 2868 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 2100 wrote to memory of 2868 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 2100 wrote to memory of 1724 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 2100 wrote to memory of 1724 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 2100 wrote to memory of 1724 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 1724 wrote to memory of 2268 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 1724 wrote to memory of 2268 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 1724 wrote to memory of 2268 N/A C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe
PID 2336 wrote to memory of 2208 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Processes

C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe

"C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe"

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe" /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={EC535EC6-5143-AE78-D2F2-7522CF92499B}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regsvc

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regserver

C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi44MiIgc2hlbGxfdmVyc2lvbj0iMS4zLjM2LjgxIiBpc21hY2hpbmU9IjEiIHNlc3Npb25pZD0iezNCRTJBRDAxLTA0N0UtNDhENy05OEI1LTREQTUzOTE2NkMzRn0iIGluc3RhbGxzb3VyY2U9InRhZ2dlZG1pIiByZXF1ZXN0aWQ9InsxRkQ5MDU2NC1GNjI5LTRFOTctQjIyNC03NEEyNDMxRUVBOEN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjYuMS43NjAxLjAiIHNwPSJTZXJ2aWNlIFBhY2sgMSIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezQzMEZENEQwLUI3MjktNEY2MS1BQTM0LTkxNTI2NDgxNzk5RH0iIHZlcnNpb249IjEuMy4zNi4xNTEiIG5leHR2ZXJzaW9uPSIxLjMuMzYuODIiIGxhbmc9InpoLUNOIiBicmFuZD0iIiBjbGllbnQ9IiIgaWlkPSJ7RUM1MzVFQzYtNTE0My1BRTc4LUQyRjItNzUyMkNGOTI0OTlCfSI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSI4MjciLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /handoff "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={EC535EC6-5143-AE78-D2F2-7522CF92499B}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty" /installsource taggedmi /sessionid "{3BE2AD01-047E-48D7-98B5-4DA539166C3F}"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe

"C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\109.0.5414.120_chrome_installer.exe" --verbose-logging --do-not-launch-chrome --system-level /installerdata="C:\Windows\TEMP\gui5EB3.tmp"

C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe" --install-archive="C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\CHROME.PACKED.7Z" --verbose-logging --do-not-launch-chrome --system-level /installerdata="C:\Windows\TEMP\gui5EB3.tmp"

C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13fb01148,0x13fb01158,0x13fb01168

C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe" --system-level --verbose-logging --create-shortcuts=2 --install-level=1

C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe

"C:\Program Files (x86)\Google\Update\Install\{D2EB02BF-E729-4435-AB63-91B2A46415A1}\CR_5C39D.tmp\setup.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler --database=C:\Windows\TEMP\Crashpad --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0x154,0x158,0x15c,0x128,0x160,0x13fb01148,0x13fb01158,0x13fb01168

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi44MiIgc2hlbGxfdmVyc2lvbj0iMS4zLjM2LjgxIiBpc21hY2hpbmU9IjEiIHNlc3Npb25pZD0iezNCRTJBRDAxLTA0N0UtNDhENy05OEI1LTREQTUzOTE2NkMzRn0iIGluc3RhbGxzb3VyY2U9InRhZ2dlZG1pIiByZXF1ZXN0aWQ9Ins3NTIzN0UyNC01RjcwLTRGQzMtOTM2MS1DODkxMEU1MDYwOTN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjIiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjYuMS43NjAxLjAiIHNwPSJTZXJ2aWNlIFBhY2sgMSIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzQy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IjEwOS4wLjU0MTQuMTIwIiBhcD0ieDY0LXN0YWJsZS1zdGF0c2RlZl8xIiBsYW5nPSJ6aC1DTiIgYnJhbmQ9IiIgY2xpZW50PSIiIGluc3RhbGxhZ2U9IjExNyIgaWlkPSJ7RUM1MzVFQzYtNTE0My1BRTc4LUQyRjItNzUyMkNGOTI0OTlCfSIgY29ob3J0PSIxOjFnOHg6IiBjb2hvcnRuYW1lPSJXaW5kb3dzIDciPjxldmVudCBldmVudHR5cGU9IjkiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjAiLz48ZXZlbnQgZXZlbnR0eXBlPSI1IiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iMSIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgZG93bmxvYWRlcj0iYml0cyIgdXJsPSJodHRwOi8vZWRnZWRsLm1lLmd2dDEuY29tL2VkZ2VkbC9yZWxlYXNlMi9jaHJvbWUvY3phbzJocnZwazV3Z3Fya3o0a2tzNXI3MzRfMTA5LjAuNTQxNC4xMjAvMTA5LjAuNTQxNC4xMjBfY2hyb21lX2luc3RhbGxlci5leGUiIGRvd25sb2FkZWQ9IjkzMTIyNjAwIiB0b3RhbD0iOTMxMjI2MDAiIGRvd25sb2FkX3RpbWVfbXM9Ijk5NjgiLz48ZXZlbnQgZXZlbnR0eXBlPSIxIiBldmVudHJlc3VsdD0iMSIgZXJyb3Jjb2RlPSIwIiBleHRyYWNvZGUxPSIwIi8-PGV2ZW50IGV2ZW50dHlwZT0iNiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIvPjxldmVudCBldmVudHR5cGU9IjIiIGV2ZW50cmVzdWx0PSIxIiBlcnJvcmNvZGU9IjAiIGV4dHJhY29kZTE9IjE5NjcwNyIgc291cmNlX3VybF9pbmRleD0iMCIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjMzMDciIGRvd25sb2FkX3RpbWVfbXM9IjEwNjU0IiBkb3dubG9hZGVkPSI5MzEyMjYwMCIgdG90YWw9IjkzMTIyNjAwIiBpbnN0YWxsX3RpbWVfbXM9IjI3OTI0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateOnDemand.exe

"C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateOnDemand.exe" -Embedding

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ondemand

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --from-installer

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=109.0.5414.120 --initial-client-data=0xc0,0xc4,0xc8,0x94,0xcc,0x7fef68e6b58,0x7fef68e6b68,0x7fef68e6b78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1128 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1352 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1444 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2036 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2044 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3048 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\109.0.5414.120\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --use-gl=angle --use-angle=swiftshader-webgl --mojo-platform-channel-handle=1868 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --disable-gpu-compositing --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=1228 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3524 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1204 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3600 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3772 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3708 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3852 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3980 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3800 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1112 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1056 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=unzip.mojom.Unzipper --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1928 --field-trial-handle=1548,i,4092614301357547936,1319734468789511295,131072 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 142.250.187.195:443 update.googleapis.com tcp
US 8.8.8.8:53 accounts.google.com udp
US 8.8.8.8:53 clients2.google.com udp
NL 142.250.27.84:443 accounts.google.com tcp
GB 142.250.187.206:443 clients2.google.com tcp
US 8.8.8.8:53 www.google.com udp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
GB 142.250.187.196:443 www.google.com tcp
US 8.8.8.8:53 apis.google.com udp
GB 142.250.200.14:443 apis.google.com tcp
GB 142.250.187.195:443 update.googleapis.com tcp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 play.google.com udp
GB 172.217.169.46:443 play.google.com tcp
US 8.8.8.8:53 update.googleapis.com udp
GB 142.250.187.195:443 update.googleapis.com tcp
GB 142.250.187.195:443 update.googleapis.com udp

Files

\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdate.exe

MD5 9a66a3de2589f7108426af37ab7f6b41
SHA1 12950d906ff703f3a1e0bd973fca2b433e5ab207
SHA256 a913415626433d5d0f07d3ec4084a67ff6f5138c3c3f64e36dd0c1ae4c423c65
SHA512 a4e81bffbfa4d3987a8c10cec5673fd0c8aecbb96104253731bfcab645090e631786ff7bde78607cbb2d242ee62051d41658059fcbbc4990c40dbb0fec66fcd6

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdate.dll

MD5 5e6dc676b85a50207cdf415152d931b6
SHA1 0a1dc7662919a6698fd284eac962791ae45d85f0
SHA256 ac655d1723ac9835c05ec9271388ac23d7981b954b1f0375b02d3d9614676cb5
SHA512 e822a4b9f8e6f9dc65de1024b285efeb774d314b64d608c80c4dd2d13523b43af0d82c4d130b1e14e677b74954a5723fed1170c024afdeea55682cedf90321b9

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_zh-CN.dll

MD5 411c1358ae7382f217f70da8c36831c3
SHA1 22992bd86a87583419012d182f613f252a941caa
SHA256 6e734350856231eb8a3fd190f5d3dfe139db71ce4b8e32129f15be9641623558
SHA512 269dce0f6a88ba24b7235fd0edae5b347f3fa9c8d32ddc9b936391ec35baedfe74e65fca0d2be7336921eb164a97cb9206a53fc788b0e2d2083ab7b90420a2d6

memory/2556-80-0x00000000002E0000-0x00000000002E1000-memory.dmp

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdateCore.exe

MD5 c394f4ca25e1f06070d7518fede6d621
SHA1 b98c244b75fd6322eb1b5ba244e9fa0a3388887b
SHA256 ec41c9b58f78bf2c564b3c9c291b62c94d983e33cec34102a206a1d859ab619f
SHA512 767e0511c726d9c63f875b06d23b24606beabdb1e38cf0b2f81a6dc5b650938bef2379d9cb104c796ca9562322acdb3edb3cad2dbe875601437646353cd0bb7c

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleCrashHandler64.exe

MD5 7bd9abfc8a31fd0ec1e674feb7ad2b5b
SHA1 1f466c4d5857a4d454780d87dea58d582ebed991
SHA256 af0d678cf5d4bdd7a364e95460eb46e94f67a5037f4e4ad28580282c22f17812
SHA512 4eae644ddfd8ad43255d5e87a07730e7f5277285bf47107855b5a6c736c33443c8ed058a931a222ee19a22d20143b6c5d25dcd43717fee875c03cddeebc02429

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleCrashHandler.exe

MD5 36cb86775385de4d906cc13b712486fc
SHA1 eb686b0067eb804c9120d25004c959f938d10f29
SHA256 6d67fc790835b85e7b14def65958d9b30e0f6e6bc6d4ead40960a3ca993353ed
SHA512 6668036c67186d408de51c41cb42c1c25efd1244e3c1f9466ffbd383acd44e1eb1ffb046ffc272fed058ee3b2a6caddccc4d2e5a206cd5a9f9b902d94637c98e

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_am.dll

MD5 38d05754a2769ebfa273a504d689f5d0
SHA1 7164a820b9c6539e1a10a820d76255640e822824
SHA256 f9785f026af490e2fccb492568f525f0fec19aa7154dd356607dd3f017271a87
SHA512 012a8bc31cc65b609976d1512200e836896292d0b28f4b7b0b41091f130787d74368afaefc7f467567c74ce26ff02b2661a0f80a3fca92094b1990e10974a6ff

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ar.dll

MD5 365df593c2bc2b514854f019dde61e40
SHA1 bda25bd8c5133b5cefbccf7f4f077d751ef792e6
SHA256 86eead46a325521737024d0d5a98627123ff2483ab28dba3003adb0a9357a389
SHA512 1f98ecef06c3f1bcf8c1d3e8929b5584e1d81e5bccf1739f11d072c235988ff959c62b6c84918ed83700d1a922ce74dbc65f238dfd60c6db9e44b3b242c2439e

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_bg.dll

MD5 fcbf870832bb9009b1938f7e125d5d53
SHA1 358a691437dc96074cebf3a53e2e20566d9a165e
SHA256 8c4c5ad521fe7622741ee56df47c5816c972f101ad7b4a10d68eadcab4d23c1b
SHA512 3150d35f6b07239e3be75c30ac43921ad2b6c78bc8736aa175f4bf489ddd83906b6c51dcec760b7e184dfd75df7cd73eb5fc2ca6dd57f04d0dc96db0fcbada7b

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_bn.dll

MD5 8c4b478fe3821ac45cd134d92b8bac47
SHA1 7d08f0e91d0c5ced0ef9e346e8093fbc407bdd4c
SHA256 bba11848ad429873da1a3d32dc64b39bfbf2204217b37d3a951b8d4b71d8a1b9
SHA512 a9c82462e95f5265db717c410146d74376def92bf35c9fe4a80df4f830e55d4e192ec9104fd4ea155c0f29e7a96592c7a3bbbd6f6c4b786f38ced37d472e192e

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ca.dll

MD5 09e3cb57ceb2819be59e82f0b29efb9a
SHA1 2cd2ee73aaaee65aaafb7f007f313762fa88e07f
SHA256 15b2834475621f43969f8cb40f84150dc508ced9bb57d1efc48b075c38419d6e
SHA512 49b4c4e22f42809e09e3468f48a7d93478eb7dbaf29c24ef5dd3ed8da387626f2d7bf7d90d5b9c284ad47861acd1ea2bbddc329e1611d559a87e24fb8d7e965b

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_cs.dll

MD5 2a9b6bee11e31d7e6e36b2b03e4f383b
SHA1 e8649b8532817605df62cef8f365a2e9381ec4d6
SHA256 0b6c449ea5e2f32fb297b39eec297d60ea5d85bf4dea7963bd7f981c0b9b6a3f
SHA512 ba31a0c27d1862c5ff1493b5627a5496e485f9b7976ab3cdf51ff6602726452f68cafa590b64879d12c728b010fb78de53f60d8396f7b57e62cb5ac5ec4fb2d8

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_de.dll

MD5 da46ebaf3961df89d355eaf6fa6268a4
SHA1 1b18e1fcea322cdbbdc5bb4dedc56dd383bca90c
SHA256 14b5f6c69c33c45246307609645a9400aeec8a4e4ddb8bf5cfc8cccc2621e5c4
SHA512 7cdf7b3a76ba91d3bf9b3993f3750ff4562eeb2ae7b9057a75f943b752a281d10d4086dfa3c0d9eb1a1351f2486090d7b65b8b2b498b5c214b0099d5c0f74911

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_el.dll

MD5 5b6853de481dbf7bb6b8633a26f3c4af
SHA1 3275d88d6145beb1bbf6f8253840b91bc86a6863
SHA256 b5f08551eb3171596224b4e198f1c884dd3f6b25634b87d7727ec84b1179c8f0
SHA512 19444fc8e94a2615ca99b142bb5611c1ed4952270c351c57986deea5a72bbc092d3e4fb5024c10d6268b39e777358e64bfda9d877be21d7891fe42e987e4d56c

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_en.dll

MD5 4f4b37c0e16050aa4f7f6b4d1feb44bf
SHA1 6f79df7f09795618d8c466436dabb3353086dc77
SHA256 72ecc90cf005dd570bcc1588162e6ea090834ec269264e0bb774e1e6f9eabef7
SHA512 b84d02fce7ad0ea02c3eb9fecbd68e604328cd9d2608bcb789859452926c2ca6cb9a198ac552d0249244c83b2fc203b752f30758507920c9a64cc81395ed59bb

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_en-GB.dll

MD5 9a8a2200ce8699c2be333012019cf7cb
SHA1 43d0fb262db6feca29366a7a4e0b4ac98f96a49e
SHA256 5f6e4ded5c15af9bab11794575c68992d2416d8cadfd584bf574dd949a6f1916
SHA512 232597c9921e76f8be895be25df14b7c7c3431eb5b9d245206b9e62671113327b5e5b3fe1de41bb4e6fa7cc8fdd126d422186b3f50e5686a63a9deb91c679afe

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_es.dll

MD5 0ba52f10a9b1563da8a6aad1ea860741
SHA1 4ac168f6413b6e792c17428c02e2407bffeb581a
SHA256 a73f0498e5fdfd99add448debf2a6018ba638851acd72279b31394be4c15bdf7
SHA512 80f3c6815a1fc0bf55f5f08d5526fb8a2fff4e3903a211b69b8bfdd5228952aa6b51b83c1011a3f12da779372fd56822fc0417bc798e86ef9c5a401519593a6c

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_da.dll

MD5 1599367d37d000dff381bc4b1e643ad5
SHA1 509ff6e8fea16f93290867389bb9fdb911915cf8
SHA256 c65fabb92fa027943f2d555b807ff34e816c0738fe920ea70d72a8d1efd280d7
SHA512 99397bb8245ed6009431800dfab136bd387892d8e140fdc99473b0c15e4e3692d39246c5c13ec2d8a645bc0f35eada9ed8c08e12e2057d1395034f9635b57b23

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\GoogleUpdateComRegisterShell64.exe

MD5 e8f2a11072991c7849f1b5a3b06e0b0e
SHA1 4f42773ce56e05406d086bc427936ae21fd46839
SHA256 eadaf98f6e10eddd93a5ae75f06016cb28c2c26d59a33c2db9c1a3324246dbb1
SHA512 e3e033158189f044fd24a1aeaadc27216c6b9bb38677fde87bf5c702bfa9d492f32b5a8565492e2c7fd5175fe8aeb63c951251c5f5207e95e09c0b7e854fd9ce

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_es-419.dll

MD5 85279c5d2242d2bf3f0be7b591045968
SHA1 34dfb454c905a038038e9322db899d4658329331
SHA256 369267a8613331fac8f4142f348e36ca74612342f79c787bdf1b7d075321a37c
SHA512 41f63ee1db5c3d56ecdeba45d944f9c5387bd9d4bc21062248b630b458bb4f995d32f6788bddcf7f1751f49a043604b3a921defd4e88193dddeb9d880d1b6b75

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_et.dll

MD5 563379d1bfce79af192d69be4ea6e174
SHA1 cccd55328a2cec7e73383bbdfa4138103e199985
SHA256 3b6db8fc9849acd2f7bef58e02b5bf3389610a6b80160d9524aa858130bcde1c
SHA512 f233c2675390bcf64fa203cc42fbdb79c0bf39fac108c8bb0d561e1c0a631d83dc44b9bc863879f82b92da91913a85333637385beacee6925810e3602cb20f00

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_fa.dll

MD5 684aaebfea848089c00067c35ada212b
SHA1 f274acf09755f8312822451bb42e15a12962c961
SHA256 eecb88f50af6fb8a8d1cfdc9634f51daa19bd2043ede11155f3aca0498002f08
SHA512 fb17021ed6d44d9fef25bf3c973c790d33bd86f8b3a34dcf299a841a1edea9515a9c7426bde5e83530a85396f05f8b184795b5fc78f1228b89ba06ac1406fc0a

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_fi.dll

MD5 d8e017c6822f8174ece2cf8eae7a0491
SHA1 46031ec2a7250b381ef9896c923e6c88bd7a3dcf
SHA256 bd68a0cfd99ad7bbc0113c402ce8496b12deed64cb70dceaf07f463bcfb4d1f9
SHA512 b05369498c740b0f1e838c930c8f0453fed4f86e134be1d17d904982df8a547dea9fa6f987a8a5f7e8bafbba296fae3a31264244926b8176200e1de8b042a37a

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_fil.dll

MD5 a59dee26777edd1c57bea14b86574677
SHA1 b15f3d311af6605f1a41489f5c284cc4877151f3
SHA256 1ab0025299074334b74000134698678f1baa1a5411aff2a7cf8e24bf55012794
SHA512 895c2a02441397651df09272372a26b099a0ab699ed1a29718a1a90d437dedc3eb1b46fffdde91767f2d2332ecd32c882f65469d8b7a1f857ff08f81d604c225

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_fr.dll

MD5 68407e546d792b1acb458f80584f7b3d
SHA1 2b1b704b32b71e704b6ddea92934a725394dd63b
SHA256 a1433572f2663564e78afd08b30c3b4d54e665de686472822dac9418f1c86f6f
SHA512 0922c52991edc9011ccd17910da82a5ccc33f741a998400862fba7587d0e48d340247bcf7bebd62fd000a70697405f90c138bde5c0756e069c19ad83c3b198bd

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_gu.dll

MD5 fd9ba30d9faecc531196ec3947af5bca
SHA1 f9e70f78bb184df133926ee7a9062365b500367d
SHA256 6849d9f5d4071a721f50f710b0368b9bdb3c11c8ca7af3ec20159c8cbbc7b080
SHA512 c9b1f076d285ceea3c8a5f70ef1f73208d6b4cfa47be797aef9f0cbc6e867756678b1223e9e073f953ac818ccd30f067828e1e95d37b1c539874e12951b47f6e

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_hu.dll

MD5 e3128bcf0e7158a2b7928638526d676c
SHA1 9e1cbd1a57c15c818f6f450eed0b98cb2ac4d83a
SHA256 9cb66703c17e759ba375918802d7024e464dc0b6ff27508e55134f6e175f4098
SHA512 222e47b25aa7444cf034c479b8f1b9a3e59d428331d36a89a39dbdb82915bc88061be7474c9371b808a33d58e00c37569d269c832e76ad684bd10b0512db6540

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_hr.dll

MD5 942d46bde19225a121050713fa4e7489
SHA1 00a7b54f512ecc1bde75151874ac2acd40c842b5
SHA256 d900010dcdaf794e4f9860095444098d333670e7f5b9fbf43d3c509ba00a0310
SHA512 d319599835215c4be56f6633d4500098780cb4f44fa4616dd1e68e910dc25d9ccae11782a80157588206960ea9452c3b1e01cf8085e5426cfff6851aa5c5f8a4

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_hi.dll

MD5 bd236e310ac09c204730c8d19c9cc9c8
SHA1 50d366ca989932c048b27d152a1aa14fb0e279a8
SHA256 5680d48172727c09337bf989a3dee0f3d208d50051da680e21e119ca638719ce
SHA512 187842cca331e99f15eb30748304ec9afc815af4b690aad72f10d66ee7720930ee1074744d54f3a92a450aa0b7c57d62dcb1646f34a7b6337b2775b91b83c084

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_id.dll

MD5 f96e860939d18c6d603b4397d616e284
SHA1 d4bd4cbe62f4a03ba685c4d95188e050e1bc2aee
SHA256 bd072d16830d713928202f4724efcad43ba7c6ac13054845325fb5b5b078cc32
SHA512 f52ead1a5c7dfe3ecfcba54a30e2d827983a56ffd20efd2a4da8ddf2a2be7a1bf6dc6e0b00e89f4b260df7ded2c900c91f1232a1938c81ab5dfdff52c4e41057

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_is.dll

MD5 cd14c40103fff4f09af4b17850055d9f
SHA1 dec6af9ec8a41b79578c08bafcbdc7b06808e569
SHA256 807c80aa1100a7c40b8e1cf8f94ad3b3d677e1fb34d0ed297c6d26197b9afd19
SHA512 88b0cf0174aa14827ae6e75aa4d1cdbd5e274ddbfbab18f0ed7f4f28e7c5febd9f245c1d2292f0a0f38731eec7892723cce070e75f31709a816eb3a2e129a636

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_it.dll

MD5 44eaff00934dd8c2dc8b85ee71a2d211
SHA1 6840488de77df1808355b78eb8595a1c642d0139
SHA256 76c6d0757ab872f7e4b7511ca560954807ab54a9b79c7f4dc09eeb7ab7aada22
SHA512 a7339546a4030a27c37b39c19924318f5903bc326eb024ce3f6eaed6dd8e794692e52095d2e78cd2b910ffe195f7e22d801ca56ddf0863c6be619d5d0419a616

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_iw.dll

MD5 dba251c2816ac398780dc82c71eccb7e
SHA1 4e7672200547e8bad5f79f08ec2306d5b38adc5a
SHA256 0e4577ee3dab91f4146b7adc930db6f5a6196b15088eaf85165f3cd3d5acc767
SHA512 c5a5b6d19cf608cbd55d5f49fe4f287ca39d1dc7a12fbc964170c648832215c7ad69a82b4576a34acb18f63a6b3566dea9291b0c39c616fc4ef41588f6a01c1a

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ja.dll

MD5 5ace7c553818885d6d71ffa2f9493a86
SHA1 0680f7f1da209c16383c9223b7e0f993aaf68121
SHA256 e7194d8bf9f6f2a0e91a3614e189e664f18a4d3708efe247accc41a999ce1ea2
SHA512 1a886b516052b2ddfc832d4e5cb497f51f495be4fdeb3959d763c62323af40556795348b2df74140ddf2f5a5dcf9801009cd8ae7cc534e7078c95831bbe24293

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_kn.dll

MD5 9d17cd27cc1e85ff52e7334809d15e8a
SHA1 819b3ed2968babae154af83402bcd710c04bebf6
SHA256 b03327ef6b5ede5ab75c2f38c8d21253220c9a97d3e678930f574bfdad37abf2
SHA512 81203288d0c4ad9141ab6939ddb3c122cf8e079b617ae0f8cad63c3bb8ac0391a925daa362a898ad9fb92a7466cbfac7eba66decbc2f52b2344bcd3886865b6d

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ko.dll

MD5 f4680f24cb49d6e4d60ea661dd5050d5
SHA1 f02bc71a6017c8c68ae430f617fdb596ff3da415
SHA256 f70bc35a85e9a17387dfb54990ff7fde87469b8b955d4a27d191f10bf09bdc73
SHA512 ef50ddb01294972281ebf7535d3a3c55642b3181ed28b422ad003d38ab4018ae6974744538bacc4da20128f6c70f29676dc803995a8afb38a9c11203e0f43c48

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_lt.dll

MD5 1fc15d6cd66af672888db7dbdb5424b9
SHA1 ad84f210ff0a73dc7a439969b915e4d8484a4eaf
SHA256 55a3cc193d9be9e066bd8d79e194fcef5a0b47e1fcfc66e1ae861f509cfddb8e
SHA512 a1f37897056416f498f4290f21f34fc9f268280a39c99a0a94e8c4f7dcb05da1c0f88000aff3d8582ed1a00507bea05959f0ba7e7098bdcb055beffc897d8e46

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_lv.dll

MD5 a5c9593d96ea6a7cc51405ab5530885a
SHA1 7b9fce2fb990809530b4acb653544f27400ce6a9
SHA256 0f6d852fbaa2f379a119f82c9f73e1797515357ab84fd758d31f96f0700b44cb
SHA512 8bf5eb8f60e4b9c439007961c1c97680d10344cd224ff9c8df4d542d9b15d4cca110a9dabdea62faa049356c31aea5a9727c2c0372db5379b9a681b956ed47fc

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ml.dll

MD5 e9ae14f275b9466b4abe1226f6e58edd
SHA1 d78d898a1ad8056a88e9b62f29828c147e6c9499
SHA256 003a2deb8fd80cf3133e9b885c3c5e193eca49357c6b184cdd459268a4ae5bab
SHA512 d2fda17280433e14e745780690b430824bb9637622c5a6fe9ba7a4ce2ff7300ef73b59bb05a903a28b671aeb234e0a81bbae73526f6ade9802c73344d67981e3

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_mr.dll

MD5 b83085d4048276a9b50fbe86b03adf43
SHA1 2676798d1b4618e3e368c0e134d0447bb401fe3c
SHA256 ec1cf480fa641e4dd357e9ba40dbda77cd2308290d3a1352c9276e0238bbc879
SHA512 ae14270fd418e52c4f8e869fdeb705b65e7c4ea77806edf323f225a233ab6209df1f41e87da34f7d4e3a1d27e3684398d587d16fed9de1aa8c6d97f181b1cebc

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_nl.dll

MD5 cd9b4f820419fc45b44733043f0ea237
SHA1 304ec89bcc625d1247be6b10f24cab32bf82f42d
SHA256 eff3e26f862d5f7d7fe9f041c25bc1bd4d2cca99cf130c6d3a635646fb844d1c
SHA512 8d8884f4996e486a6519341144160a65303ceb83e6411e74847ec292a2b836096b6bb0ec08260b56d6beb9c043b63fa107c467aa2f3889f05a1d74015ab5810b

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ms.dll

MD5 45377dbb953ebd20c910902a28a551e5
SHA1 4504b2914f0af6bb97d8f83ee038f422119cc475
SHA256 cb63efcf7a0ee6f90ae4f98d3f293167bb0abb6bcd7d7a98abdbcabf05a0b6ad
SHA512 28388943807be044e573982c08517257ace39e47f62276dc875733ea60c0966d91d626e7323875cc31d7373ee1b43d091ec1c7f246c5624b5912986d59b80260

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_no.dll

MD5 db9aeb7e97860331e138651a22e24d8f
SHA1 0b0f1e84e6880bada837c4375f866b7f3ed33cd3
SHA256 e61549000a3fa28169dfb2fc412b3cbcfb71365ebfca4a6548cace066d9ca64e
SHA512 d2ebfb92849082ce73bc7c96e2d815b6b231592f39d4d1a4a51b69d92b932a05415f45e478e043574138f3f624003d2d303a876073fca9f7e9eada3f6b185efd

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_pl.dll

MD5 c646d4096c79e17993b331b2e7eb0fe0
SHA1 96f53bd74844e9d324bfec8805716ffc1e9a5f67
SHA256 bb1534205d383b1063c86b035a4f9fcabeb62107d9df3856e677b00d6482f74c
SHA512 a4d35de99e0dbfe76f39605801077c1a6a5d69e4ff13576646f951a366c43ef0032babe7bf3e772df928886a564d082c0daa2c635606dd57e42c0d2b7723a90a

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_pt-BR.dll

MD5 0fcce0c0b470fbc5af1548e71ba45a58
SHA1 a424fad87682ba4f000053c449dd605292a4de60
SHA256 2e2061554b707078b2c5a722522d9bc044d35a3d699573f6714ba6fbc0a089f0
SHA512 a9ed2b9e4c86f01eb647e74364ae7c55384fb86b68ce82c74e8e1ec003d1a6e9681183dec34aa4ccb73f5cba5cee6d0704a86dcde19537c0e5a9dd5919f69c52

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ro.dll

MD5 0ce5f79c84093cadd70de72ddfe62f30
SHA1 850c023ee8cfb67d0841e14acdf452b43a14d3cf
SHA256 26798bd5a47390777f96084623738ef4765c3e83196c57216644aaae3cfc1cb7
SHA512 441f2b5591873153f9b7543c3816ea897f530333fafcc3bfa9d04b41956c8e736174b7efae6cd90c2c19b148c74df46fa6e7b4c8e0aa2ad8256558bdb6aa2a0a

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_pt-PT.dll

MD5 fa41635c158b5b0b586072db4a878901
SHA1 96479ea156dc7d7710880e9b1caf550020d3cd3a
SHA256 8870c38ce5ae1d5e2b34623c67a27feb68bc60c0bbcb84f1f1ca6680af1f0501
SHA512 f1ee2658474bd02e1c3c3da8e207384e8011ab8860e425786218f342e67211ef5e09658886d8fa761993448073fdbdaa66b87714ec893e35fd7948ce21b37808

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ru.dll

MD5 66ee9d39a2234f017d8cb7f3429b7895
SHA1 0687e3830bf823bb5102a13689bec80a77e9290b
SHA256 9045ead5bb252a66b3d5351da6d6f0a5d0c41354d07e0d7346783c371d1e26bf
SHA512 d7f79d7ff6780e7cc0460cb466bf0bd34174ee3cc7a9258b0a79b921b92a8c549d9b3f5a593246841162ea1affe609736397750c407dbf015eb289eefc0ab21a

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_sk.dll

MD5 4b078ea15f27ec10d5efc2266034d10b
SHA1 8c854acc9b59ced40dd0fb5c025a60b1ed3cd036
SHA256 4e7f079af3089d4515265a2c677ef90a0550e9d7610fe671246ab7a0fb6a016c
SHA512 a1e81a44889345045089767b3e26b5b72460ce1fcf404bcebacac7c748eea03ee91c04b53ae6d892541e3253fd18946d89a5f818892dae22a787197e182ff8b7

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_sl.dll

MD5 3c5089e53596a4da4afe806ad8dceb8f
SHA1 71483a85a5657b3464ac92cdcf197e1d8938328a
SHA256 be092384bf937833932810753229ce892385bdc04d7b74d4b98a5b65654ed399
SHA512 8c8ca4b5610cbc6b15fcb13d7e272aa14a9cde0583a6145d09ad30659bbcda74f449699a8b427bcabaddb1ec2108579ef813cbfe3bd1d7ab2d48bfab2f2a3ee8

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_sr.dll

MD5 294a50b5565de738b7ce94708f143189
SHA1 9a8fed6c538253b98074ac94c71899efa1524ea6
SHA256 69844673c7ab4a767403c331cd2a8b64ccbce8f42682125ac358aeeab4d0ac72
SHA512 083911704505e8b247d17aa06c8a3a8e47ff2f7a3af5bb7c34e838b0346ae103c8302e85bdb005b06df418fa719d5e04e65cc1d190ccc7f0a96975621f312a6b

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_sv.dll

MD5 aa33922ed44a0c30ba931bc19221f7ac
SHA1 e33f771cafc334118a4833d852664821ec81c90b
SHA256 51858094e3c64d3a91c0a5ef4755fdfab11c909acab70e7c1aae1e0ce467f48d
SHA512 05b707757b9bc4dd852754cf692511c60c26a1e010fdabde1cd00e34e40671e7fa3bc6b62330e75f932fed90054227c758bdeaac53b672838585d874ebdde913

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_sw.dll

MD5 a42c752f56b3f51f8d1ab6a50790e806
SHA1 d6fc4d6321a84ca376f4c8d479b03b32580772b0
SHA256 1d17cf6e3317a318a9054c871a0ba86e09769740b97b95dce85e4dc7a12122b5
SHA512 526c43f9e468684c282ec8826e785ccf24663225d297814fc35caa144e9cd18aa246f067c3e9ff4412d8d6e5605ce4ec544d9327fd1c70ae989b8705c5b9afa4

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ta.dll

MD5 07c6464371241c979ce5efe1fe92900a
SHA1 2c3b60a3da8082145477496f4362f8a6ac5f295f
SHA256 7e0adc4fd460d8f0c3287bcb511f8545de3f176237cf158af3220422aa4aef78
SHA512 95e48a2a9dd0f81e7c400efc03b7d760f613195a55498128e5ba00a96b1e11f515271f5c8a87d0167a8ef45af48319d3153be8e15dd21eedd153da06135afa23

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_te.dll

MD5 db63e00192a60ec363e1fb29e7141601
SHA1 29bb8296f0481ae71795b9cc14f2d5a602dd1fe0
SHA256 6a8eaec8b0ac6e106f6274435a292cc2a497148ede852d5bb0956eaddf50782d
SHA512 7eed2025399cdf213a1bc453ca2e77ee77751eed32a1fe6331384a3415d3b72813b1545b9909f62a8149914cac4417bef4d555b656cfb50e19a3b15e0d30427c

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_th.dll

MD5 3b5cafe0e4a4a23fe38d567dcc78be64
SHA1 e6a24a444d12a71fe4450cba4c53c0c83355ca9e
SHA256 c311c3febcc34c0ecabac628c87d67db80c72b0abbc56b6a2c299c3282f983f7
SHA512 5dd94e168dfac4a74df43794b416213f5cb8dd3bc783a97bb1c422b03aaba0625c103693be3aa62845f11f9fd51101cef0e0851357f64996e943ddf0c4ea6653

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_tr.dll

MD5 2e1e12eb8bc61a8c1d588aa83290b6e9
SHA1 7f929c532eac310aa2dcfc04f4e42e8734f58a1e
SHA256 69f6641ca3101cdc82ce1fdf57d91ec8d7dbe734eea95aaac570e560728effe2
SHA512 9a14602d019fff7a995f7a8476acb53705c407d7d53187a3bd34c5a3c28db1f66d6cd29a2bbe67a45db2a6930c2c3fb8bc15142420407b2c97b3ecc3c66024a3

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_uk.dll

MD5 fe2aed1583898891045279d27d104d35
SHA1 8489d544ad1647711d2c2e41d49e5e8b43b1a208
SHA256 b9690c9af1b32adadbc8d4ff6ad21d8115707aa9e1e2d462aa7193d00385cfda
SHA512 54aad0a375de75be19fcebd096bad0eaf791da277f7a2c4d0cee9758f05b0dd4dbddcb64d0bd57286c8e4ce51f03460ef3fccfabef79746aca24256a3bac796a

C:\Program Files (x86)\Google\Temp\GUM1DAE.tmp\goopdateres_ur.dll

MD5 f1e5f5bb4fd58853b5e45a2c002c01a3
SHA1 d0a1be617b165fddd8fa5936b33fcf98147c5000
SHA256 625553e3e196c081b25adef1dd16f38f1983857cf3fa04dd19b0b5afcf161a15
SHA512 e79a2bcd960c89d44da28bfc4fc241d4136592b5ce553ff1f04a1b49f7c357da47e837d3ac070d59e7386e07542dfb246d209c644dc8a1950ed632a377069d77

C:\Program Files\Google\Chrome\Application\109.0.5414.120\Installer\setup.exe

MD5 b42b8ac29ee0a9c3401ac4e7e186282d
SHA1 69dfb1dd33cf845a1358d862eebc4affe7b51223
SHA256 19545e8376807bce8a430c37cab9731e85052103f769dd60a5da3d93ca68c6ec
SHA512 b5269e7392e77a0fa850049ff61e271c5aab90d546945b17a65cc2ea6420432ae56321e1e39cfd97ccdb3dfc37ddbd6ff77907f5685cc2323b8635c8cdb4a84f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\CURRENT

MD5 18e723571b00fb1694a3bad6c78e4054
SHA1 afcc0ef32d46fe59e0483f9a3c891d3034d12f32
SHA256 8af72f43857550b01eab1019335772b367a17a9884a7a759fdf4fe6f272b90aa
SHA512 43bb0af7d3984012d2d67ca6b71f0201e5b948e6fe26a899641c4c6f066c59906d468ddf7f1df5ea5fa33c2bc5ea8219c0f2c82e0a5c365ad7581b898a8859e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1

MD5 f50f89a0a91564d0b8a211f8921aa7de
SHA1 112403a17dd69d5b9018b8cede023cb3b54eab7d
SHA256 b1e963d702392fb7224786e7d56d43973e9b9efd1b89c17814d7c558ffc0cdec
SHA512 bf8cda48cf1ec4e73f0dd1d4fa5562af1836120214edb74957430cd3e4a2783e801fa3f4ed2afb375257caeed4abe958265237d6e0aacf35a9ede7a2e8898d58

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\trusted_vault.pb

MD5 3433ccf3e03fc35b634cd0627833b0ad
SHA1 789a43382e88905d6eb739ada3a8ba8c479ede02
SHA256 f7d5893372edaa08377cb270a99842a9c758b447b7b57c52a7b1158c0c202e6d
SHA512 21a29f0ef89fec310701dcad191ea4ab670edc0fc161496f7542f707b5b9ce619eb8b709a52073052b0f705d657e03a45be7560c80909e92ae7d5939ce688e9c

C:\Users\Admin\AppData\Local\Temp\scoped_dir2420_2121857760\8d4d32da-1206-4b0b-a98e-914e2f9d4ac4.tmp

MD5 541f52e24fe1ef9f8e12377a6ccae0c0
SHA1 189898bb2dcae7d5a6057bc2d98b8b450afaebb6
SHA256 81e3a4d43a73699e1b7781723f56b8717175c536685c5450122b30789464ad82
SHA512 d779d78a15c5efca51ebd6b96a7ccb6d718741bdf7d9a37f53b2eb4b98aa1a78bc4cfa57d6e763aab97276c8f9088940ac0476690d4d46023ff4bf52f3326c88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GCM Store\Encryption\000004.dbtmp

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Temp\scoped_dir2420_2121857760\CRX_INSTALL\_locales\en\messages.json

MD5 dbedf86fa9afb3a23dbb126674f166d2
SHA1 5628affbcf6f897b9d7fd9c17deb9aa75036f1cc
SHA256 c0945dd5fdecab40c45361bec068d1996e6ae01196dce524266d740808f753fe
SHA512 931d7ba6da84d4bb073815540f35126f2f035a71bfe460f3ccaed25ad7c1b1792ab36cd7207b99fddf5eaf8872250b54a8958cf5827608f0640e8aafe11e0071

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 feae4acc0dd42ca9513119fb618e8eb6
SHA1 c3a909c10140cd6a30756b43d9057cb4104bd271
SHA256 594ebde5e3126c80c8542b0c639eeca6adb11c24a2abd30306ad96d7ebc3ec7a
SHA512 779f0a9f9fc8112f62b012d35a1cb8a48143c9953f082c2d7c677d694787ef9a81bd8c1f5e81ba06d31835553af55678abad08415f1633919b89c4b342852c5d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0bd3fff334594da3fcb3dbb8f20e7877
SHA1 59334dc40bfdc5fbcae9090e6f656f68ef7e8989
SHA256 465db24757b340d5253cf237a84e6668cb2eaf98c041b31b97b25aeeebef0cc7
SHA512 afcf52d596dd6a80027845f1e6cc077cbd60348900f577164b1c9f54e9bf80377bf0d406675971abbc4d7cfb2e25d0eba7ea6dbaa40bb17ec3ef20deca67e67f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b08eb6e2e1a4561c80046e0c428aa311
SHA1 af60399f6c726a67d86637bf89d69ed9cb391918
SHA256 9c91899eef597653c3ad4d173c33fe71d0d8176633c889e8475c5eaefbf3c31c
SHA512 cd46412a3b95cf8ff46b9e45ec185911440e8f006f07b279302dcb1667ed41666318656cb478d8fc446204ba14ec5d6ce5b47dc9fb1e67cbba8d78345c9e23e2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 311275ab97e6943d1f5b482388aae0fc
SHA1 e3171469ebdc2142bcde397a38e0d63ccdb7abbd
SHA256 8a476cd89d2ef55335175ce7219d4ceebbd2789d9c6dfd89f9f2bdb359e4dcf8
SHA512 10c9f31e692c955bf0a0e6e95a9a5f783d3a3cea4f0e1b2076bf6afe4504a7e1e2a5940a427827dfa3b95562ecf2e77c43e95722e29416c5ca82143805f3424c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 69c56285b2a36495f783adb531451315
SHA1 f0d85e46d37a811678742276c9ce73758c76aa38
SHA256 b3c20fcd4583e8ea8949d2f47c10c8433dc0ac154b84f5c9508d622e682c4bcf
SHA512 8406a34c3a9e3caa24bb7f01b4619c5ec93951e45b744722ea93c1c180b24d8dd3c2f56648dca49f3696c82b0c7c359beee7ebcfcbcfdfa5c0962938653d6f00

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-18 11:39

Reported

2024-06-18 11:42

Platform

win10v2004-20240508-en

Max time kernel

104s

Max time network

113s

Command Line

"C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe"

Signatures

Event Triggered Execution: Image File Execution Options Injection

persistence
Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
Set value (int) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe\DisableExceptionChainValidation = "0" C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-1337824034-2731376981-3755436523-1000\Control Panel\International\Geo\Nation C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A

Event Triggered Execution: Component Object Model Hijacking

persistence privilege_escalation

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdateBroker.exe C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdateOnDemand.exe C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_pt-BR.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File opened for modification C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdate.exe C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_nl.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_fa.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ru.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdate.exe C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_am.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_en.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\psuser_64.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ur.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_bg.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_et.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_no.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_th.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_vi.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ms.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_uk.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_hr.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleCrashHandler64.exe C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_fr.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_lt.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdateCore.exe C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_cs.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_gu.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_hu.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_sk.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_sv.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ca.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_mr.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\psmachine_64.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_hi.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_zh-CN.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_es.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_fil.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_es-419.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_pl.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_th.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ar.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_el.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_hr.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_zh-CN.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_fil.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ko.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_en.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_is.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ja.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File opened for modification C:\Program Files (x86)\Google\Temp\GUT45D4.tmp C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_zh-TW.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ar.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_fa.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleCrashHandler.exe C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_ru.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_sw.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\psuser.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_bn.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ta.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_iw.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Update\1.3.36.82\goopdateres_no.dll C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_am.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ja.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A
File created C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_mr.dll C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe N/A

Enumerates physical storage devices

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{9465B4B4-5216-4042-9A2C-754D3BCDC410} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{084D78A8-B084-4E14-A629-A2C419B0E3D9}\NumMethods C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\NumMethods\ = "24" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\GoogleUpdate.exe\AppID = "{9465B4B4-5216-4042-9A2C-754D3BCDC410}" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}\ = "PSFactoryBuffer" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{04024D28-8474-4F2E-9DB6-C13CD459AAB6} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{9465B4B4-5216-4042-9A2C-754D3BCDC410}\VersionIndependentProgID\ = "GoogleUpdate.OnDemandCOMClassSvc" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\NumMethods\ = "4" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{49D7563B-2DDB-4831-88C8-768A53833837}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}\NumMethods\ = "41" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{DCAB8386-4F03-4DBD-A366-D90BC9F68DE6}\NumMethods C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503} C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{C6271107-A214-4F11-98C0-3F16BC670D28}\InprocServer32\ThreadingModel = "Both" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{7DE94008-8AFD-4C70-9728-C6FBFFF6A73E}\ = "CoCreateAsync" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{76F7B787-A67C-4C73-82C7-31F5E3AABC5C}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4E223325-C16B-4EEB-AEDC-19AA99A237FA}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544}\ = "IPolicyStatusValue" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\AppID\{9465B4B4-5216-4042-9A2C-754D3BCDC410}\ = "ServiceModule" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{5B25A8DC-1780-4178-A629-6BE8B8DEFAA2}\ = "IBrowserHttpRequest2" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503}\NumMethods\ = "9" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.PolicyStatusMachineFallback.1.0\ = "Google Update Policy Status Class" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{9D6AA569-9F30-41AD-885A-346685C74928}\InprocServer32\ = "C:\\Program Files (x86)\\Google\\Update\\1.3.36.82\\psmachine_64.dll" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}\ = "IGoogleUpdate3WebSecurity" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.CredentialDialogMachine\CLSID\ = "{25461599-633D-42B1-84FB-7CD68D026E53}" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{31AC3F11-E5EA-4A85-8A3D-8E095A39C27B}\NumMethods C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{B3A47570-0A85-4AEA-8270-529D47899603}\ = "ICredentialDialog" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.CoreClass.1\ = "Google Update Core Class" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{27634814-8E41-4C35-8577-980134A96544}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{1C642CED-CA3B-4013-A9DF-CA6CE5FF6503}\ = "IProgressWndEvents" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key deleted \REGISTRY\MACHINE\SOFTWARE\CLASSES\WOW6432NODE\CLSID\{6F8BD55B-E83D-4A47-85BE-81FFA8057A69}\ELEVATION C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{B3D28DBD-0DFA-40E4-8071-520767BADC7E}\LocalServer32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.OnDemandCOMClassSvc.1.0\ = "Google Update Legacy On Demand" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{19692F10-ADD2-4EFF-BE54-E61C62E40D13}\ = "IJobObserver2" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4E223325-C16B-4EEB-AEDC-19AA99A237FA}\ = "IRegistrationUpdateHook" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{ABC01078-F197-4B0B-ADBC-CFE684B39C82}\ProgID C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{25461599-633D-42B1-84FB-7CD68D026E53}\ProgID C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{3D05F64F-71E3-48A5-BF6B-83315BC8AE1F} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{084D78A8-B084-4E14-A629-A2C419B0E3D9}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{494B20CF-282E-4BDD-9F5D-B70CB09D351E}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2E629606-312A-482F-9B12-2C4ABF6F0B6D} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{247954F9-9EDC-4E68-8CC3-150C2B89EADF} C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{2D363682-561D-4C3A-81C6-F2F82107562A}\ProxyStubClsid32\ = "{7E53D66F-70CE-41CD-97AF-ECB4FC7D0670}" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{DAB1D343-1B2A-47F9-B445-93DC50704BFE}\NumMethods\ = "4" C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{8476CE12-AE1F-4198-805C-BA0F9B783F57}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{F63F6F8B-ACD5-413C-A44B-0409136D26CB}\ = "IPolicyStatus" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{128C2DA6-2BC0-44C0-B3F6-4EC22E647964}\ProxyStubClsid32 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\Interface\{4DE778FE-F195-4EE3-9DAB-FE446C239221}\ = "IAppCommand" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\WOW6432Node\CLSID\{8A1D4361-2C08-4700-A351-3EAA9CBFF5E4}\ = "Google Update Broker Class Factory" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Classes\GoogleUpdate.CoreMachineClass\ = "Google Update Core Class" C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\Interface\{0CD01D1E-4A1C-489D-93B9-9B6672877C57}\NumMethods C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe N/A
Token: SeDebugPrivilege N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3664 wrote to memory of 364 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe
PID 3664 wrote to memory of 364 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe
PID 3664 wrote to memory of 364 N/A C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe
PID 364 wrote to memory of 1268 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 1268 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 1268 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 2232 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 2232 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 2232 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2232 wrote to memory of 2668 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2232 wrote to memory of 2668 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2232 wrote to memory of 4104 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2232 wrote to memory of 4104 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2232 wrote to memory of 2932 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 2232 wrote to memory of 2932 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe
PID 364 wrote to memory of 1768 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 1768 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 1768 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 4120 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 4120 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 364 wrote to memory of 4120 N/A C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2128 wrote to memory of 2268 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2128 wrote to memory of 2268 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
PID 2128 wrote to memory of 2268 N/A C:\Program Files (x86)\Google\Update\GoogleUpdate.exe C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Processes

C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe

"C:\Users\Admin\AppData\Local\Temp\36d68d28ae786975674d8ee8fbf67a8c383d52f100df3fcaa16dec2aef88aa73.exe"

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe" /installsource taggedmi /install "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={EC535EC6-5143-AE78-D2F2-7522CF92499B}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regsvc

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /regserver

C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe

"C:\Program Files (x86)\Google\Update\1.3.36.82\GoogleUpdateComRegisterShell64.exe"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi44MiIgc2hlbGxfdmVyc2lvbj0iMS4zLjM2LjgxIiBpc21hY2hpbmU9IjEiIHNlc3Npb25pZD0iezBGNUMwNjU2LUQ2M0EtNEJBMi04MjdBLUJCN0JENjBEM0FCM30iIGluc3RhbGxzb3VyY2U9InRhZ2dlZG1pIiByZXF1ZXN0aWQ9InswOTM4MEY4Qy02MzFFLTREMDEtQTYwQi02MDlFQTkyOTkzRUN9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezQzMEZENEQwLUI3MjktNEY2MS1BQTM0LTkxNTI2NDgxNzk5RH0iIHZlcnNpb249IjEuMy4zNi4xNTEiIG5leHR2ZXJzaW9uPSIxLjMuMzYuODIiIGxhbmc9InpoLUNOIiBicmFuZD0iIiBjbGllbnQ9IiIgaWlkPSJ7RUM1MzVFQzYtNTE0My1BRTc4LUQyRjItNzUyMkNGOTI0OTlCfSI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjEiIGVycm9yY29kZT0iMCIgZXh0cmFjb2RlMT0iMCIgaW5zdGFsbF90aW1lX21zPSI1NjIiLz48L2FwcD48L3JlcXVlc3Q-

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /handoff "appguid={8A69D345-D564-463C-AFF1-A69D9E530F96}&iid={EC535EC6-5143-AE78-D2F2-7522CF92499B}&lang=zh-CN&browser=4&usagestats=0&appname=Google%20Chrome&needsadmin=prefers&ap=x64-stable-statsdef_1&installdataindex=empty" /installsource taggedmi /sessionid "{0F5C0656-D63A-4BA2-827A-BB7BD60D3AB3}"

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /svc

C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /ping PD94bWwgdmVyc2lvbj0iMS4wIiBlbmNvZGluZz0iVVRGLTgiPz48cmVxdWVzdCBwcm90b2NvbD0iMy4wIiB1cGRhdGVyPSJPbWFoYSIgdXBkYXRlcnZlcnNpb249IjEuMy4zNi44MiIgc2hlbGxfdmVyc2lvbj0iMS4zLjM2LjgxIiBpc21hY2hpbmU9IjEiIHNlc3Npb25pZD0iezBGNUMwNjU2LUQ2M0EtNEJBMi04MjdBLUJCN0JENjBEM0FCM30iIGluc3RhbGxzb3VyY2U9InRhZ2dlZG1pIiByZXF1ZXN0aWQ9InszRUI4NUI4My0xNzA3LTQ3MTAtODFERi1ERUM4RkQzMTIxMkZ9IiBkZWR1cD0iY3IiIGRvbWFpbmpvaW5lZD0iMCI-PGh3IHBoeXNtZW1vcnk9IjgiIHNzZT0iMSIgc3NlMj0iMSIgc3NlMz0iMSIgc3NzZTM9IjEiIHNzZTQxPSIxIiBzc2U0Mj0iMSIgYXZ4PSIxIi8-PG9zIHBsYXRmb3JtPSJ3aW4iIHZlcnNpb249IjEwLjAuMTkwNDEuMTI4OCIgc3A9IiIgYXJjaD0ieDY0Ii8-PGFwcCBhcHBpZD0iezhBNjlEMzQ1LUQ1NjQtNDYzQy1BRkYxLUE2OUQ5RTUzMEY5Nn0iIHZlcnNpb249IiIgbmV4dHZlcnNpb249IiIgYXA9Ing2NC1zdGFibGUtc3RhdHNkZWZfMSIgbGFuZz0iemgtQ04iIGJyYW5kPSIiIGNsaWVudD0iIiBpbnN0YWxsYWdlPSI0MCIgaWlkPSJ7RUM1MzVFQzYtNTE0My1BRTc4LUQyRjItNzUyMkNGOTI0OTlCfSI-PGV2ZW50IGV2ZW50dHlwZT0iMiIgZXZlbnRyZXN1bHQ9IjAiIGVycm9yY29kZT0iLTIxNDcwMTI4ODkiIGV4dHJhY29kZTE9IjI2ODQzNTQ1OSIgdXBkYXRlX2NoZWNrX3RpbWVfbXM9IjU1MDk0Ii8-PC9hcHA-PC9yZXF1ZXN0Pg

Network

Country Destination Domain Proto
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp
US 8.8.8.8:53 update.googleapis.com udp

Files

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdate.exe

MD5 9a66a3de2589f7108426af37ab7f6b41
SHA1 12950d906ff703f3a1e0bd973fca2b433e5ab207
SHA256 a913415626433d5d0f07d3ec4084a67ff6f5138c3c3f64e36dd0c1ae4c423c65
SHA512 a4e81bffbfa4d3987a8c10cec5673fd0c8aecbb96104253731bfcab645090e631786ff7bde78607cbb2d242ee62051d41658059fcbbc4990c40dbb0fec66fcd6

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdate.dll

MD5 5e6dc676b85a50207cdf415152d931b6
SHA1 0a1dc7662919a6698fd284eac962791ae45d85f0
SHA256 ac655d1723ac9835c05ec9271388ac23d7981b954b1f0375b02d3d9614676cb5
SHA512 e822a4b9f8e6f9dc65de1024b285efeb774d314b64d608c80c4dd2d13523b43af0d82c4d130b1e14e677b74954a5723fed1170c024afdeea55682cedf90321b9

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_zh-CN.dll

MD5 411c1358ae7382f217f70da8c36831c3
SHA1 22992bd86a87583419012d182f613f252a941caa
SHA256 6e734350856231eb8a3fd190f5d3dfe139db71ce4b8e32129f15be9641623558
SHA512 269dce0f6a88ba24b7235fd0edae5b347f3fa9c8d32ddc9b936391ec35baedfe74e65fca0d2be7336921eb164a97cb9206a53fc788b0e2d2083ab7b90420a2d6

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdateCore.exe

MD5 c394f4ca25e1f06070d7518fede6d621
SHA1 b98c244b75fd6322eb1b5ba244e9fa0a3388887b
SHA256 ec41c9b58f78bf2c564b3c9c291b62c94d983e33cec34102a206a1d859ab619f
SHA512 767e0511c726d9c63f875b06d23b24606beabdb1e38cf0b2f81a6dc5b650938bef2379d9cb104c796ca9562322acdb3edb3cad2dbe875601437646353cd0bb7c

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_bg.dll

MD5 fcbf870832bb9009b1938f7e125d5d53
SHA1 358a691437dc96074cebf3a53e2e20566d9a165e
SHA256 8c4c5ad521fe7622741ee56df47c5816c972f101ad7b4a10d68eadcab4d23c1b
SHA512 3150d35f6b07239e3be75c30ac43921ad2b6c78bc8736aa175f4bf489ddd83906b6c51dcec760b7e184dfd75df7cd73eb5fc2ca6dd57f04d0dc96db0fcbada7b

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ur.dll

MD5 f1e5f5bb4fd58853b5e45a2c002c01a3
SHA1 d0a1be617b165fddd8fa5936b33fcf98147c5000
SHA256 625553e3e196c081b25adef1dd16f38f1983857cf3fa04dd19b0b5afcf161a15
SHA512 e79a2bcd960c89d44da28bfc4fc241d4136592b5ce553ff1f04a1b49f7c357da47e837d3ac070d59e7386e07542dfb246d209c644dc8a1950ed632a377069d77

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\psuser.dll

MD5 4e5d1f133d87fc4d129b5a32aea8e363
SHA1 69b91982a3fce6297025c221992e3ab7dfe31986
SHA256 75be2d68097f0141c011ec40555dc64884b0e7e41c38bbe8901c82d8ac16185f
SHA512 e67acb5af52669981f191d321187bd65cb808606596db8eecb0b44430a64f14f447624bbf440c206353ac3623345482aeaefe8ca26f9b0e3b8784b774340bb07

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_zh-TW.dll

MD5 63c74c5156dfb2fc839026c3578eaddf
SHA1 d63a0a2ac1d32986025ad5e2ea318cc9873efa99
SHA256 1706ec63d2371cc86d50b91794a2c831a80e2af26ee64c9f3f188239a78ccfb4
SHA512 0d06556db333bd0075da43d95d1fae68c844977498f08be0afa1fe421303e341d00aa94ba692b856abc96cdae71fafe0a397a0b3c0fb78edac01023f602f85d8

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_vi.dll

MD5 3a392bb4edd1fbff054d51f60774a2cb
SHA1 01b0370956e4d59e52303718317890dabbcdaa7d
SHA256 294cdb1ef59a2a63500dd99377780c36fb48527e8b7f5df4ee9ab883dc21fbe2
SHA512 92cc079b409a0ac10aa0d415b77e7e074d9414c0fc7b298170d0663956445d3c45ac9e7d2a9cb45d3fe93c26f21ded0944b4fe5e974f7c061858c4727bd21cfd

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_uk.dll

MD5 fe2aed1583898891045279d27d104d35
SHA1 8489d544ad1647711d2c2e41d49e5e8b43b1a208
SHA256 b9690c9af1b32adadbc8d4ff6ad21d8115707aa9e1e2d462aa7193d00385cfda
SHA512 54aad0a375de75be19fcebd096bad0eaf791da277f7a2c4d0cee9758f05b0dd4dbddcb64d0bd57286c8e4ce51f03460ef3fccfabef79746aca24256a3bac796a

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_tr.dll

MD5 2e1e12eb8bc61a8c1d588aa83290b6e9
SHA1 7f929c532eac310aa2dcfc04f4e42e8734f58a1e
SHA256 69f6641ca3101cdc82ce1fdf57d91ec8d7dbe734eea95aaac570e560728effe2
SHA512 9a14602d019fff7a995f7a8476acb53705c407d7d53187a3bd34c5a3c28db1f66d6cd29a2bbe67a45db2a6930c2c3fb8bc15142420407b2c97b3ecc3c66024a3

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_th.dll

MD5 3b5cafe0e4a4a23fe38d567dcc78be64
SHA1 e6a24a444d12a71fe4450cba4c53c0c83355ca9e
SHA256 c311c3febcc34c0ecabac628c87d67db80c72b0abbc56b6a2c299c3282f983f7
SHA512 5dd94e168dfac4a74df43794b416213f5cb8dd3bc783a97bb1c422b03aaba0625c103693be3aa62845f11f9fd51101cef0e0851357f64996e943ddf0c4ea6653

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_te.dll

MD5 db63e00192a60ec363e1fb29e7141601
SHA1 29bb8296f0481ae71795b9cc14f2d5a602dd1fe0
SHA256 6a8eaec8b0ac6e106f6274435a292cc2a497148ede852d5bb0956eaddf50782d
SHA512 7eed2025399cdf213a1bc453ca2e77ee77751eed32a1fe6331384a3415d3b72813b1545b9909f62a8149914cac4417bef4d555b656cfb50e19a3b15e0d30427c

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ta.dll

MD5 07c6464371241c979ce5efe1fe92900a
SHA1 2c3b60a3da8082145477496f4362f8a6ac5f295f
SHA256 7e0adc4fd460d8f0c3287bcb511f8545de3f176237cf158af3220422aa4aef78
SHA512 95e48a2a9dd0f81e7c400efc03b7d760f613195a55498128e5ba00a96b1e11f515271f5c8a87d0167a8ef45af48319d3153be8e15dd21eedd153da06135afa23

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_sw.dll

MD5 a42c752f56b3f51f8d1ab6a50790e806
SHA1 d6fc4d6321a84ca376f4c8d479b03b32580772b0
SHA256 1d17cf6e3317a318a9054c871a0ba86e09769740b97b95dce85e4dc7a12122b5
SHA512 526c43f9e468684c282ec8826e785ccf24663225d297814fc35caa144e9cd18aa246f067c3e9ff4412d8d6e5605ce4ec544d9327fd1c70ae989b8705c5b9afa4

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_sl.dll

MD5 3c5089e53596a4da4afe806ad8dceb8f
SHA1 71483a85a5657b3464ac92cdcf197e1d8938328a
SHA256 be092384bf937833932810753229ce892385bdc04d7b74d4b98a5b65654ed399
SHA512 8c8ca4b5610cbc6b15fcb13d7e272aa14a9cde0583a6145d09ad30659bbcda74f449699a8b427bcabaddb1ec2108579ef813cbfe3bd1d7ab2d48bfab2f2a3ee8

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_sk.dll

MD5 4b078ea15f27ec10d5efc2266034d10b
SHA1 8c854acc9b59ced40dd0fb5c025a60b1ed3cd036
SHA256 4e7f079af3089d4515265a2c677ef90a0550e9d7610fe671246ab7a0fb6a016c
SHA512 a1e81a44889345045089767b3e26b5b72460ce1fcf404bcebacac7c748eea03ee91c04b53ae6d892541e3253fd18946d89a5f818892dae22a787197e182ff8b7

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ro.dll

MD5 0ce5f79c84093cadd70de72ddfe62f30
SHA1 850c023ee8cfb67d0841e14acdf452b43a14d3cf
SHA256 26798bd5a47390777f96084623738ef4765c3e83196c57216644aaae3cfc1cb7
SHA512 441f2b5591873153f9b7543c3816ea897f530333fafcc3bfa9d04b41956c8e736174b7efae6cd90c2c19b148c74df46fa6e7b4c8e0aa2ad8256558bdb6aa2a0a

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_no.dll

MD5 db9aeb7e97860331e138651a22e24d8f
SHA1 0b0f1e84e6880bada837c4375f866b7f3ed33cd3
SHA256 e61549000a3fa28169dfb2fc412b3cbcfb71365ebfca4a6548cace066d9ca64e
SHA512 d2ebfb92849082ce73bc7c96e2d815b6b231592f39d4d1a4a51b69d92b932a05415f45e478e043574138f3f624003d2d303a876073fca9f7e9eada3f6b185efd

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_nl.dll

MD5 cd9b4f820419fc45b44733043f0ea237
SHA1 304ec89bcc625d1247be6b10f24cab32bf82f42d
SHA256 eff3e26f862d5f7d7fe9f041c25bc1bd4d2cca99cf130c6d3a635646fb844d1c
SHA512 8d8884f4996e486a6519341144160a65303ceb83e6411e74847ec292a2b836096b6bb0ec08260b56d6beb9c043b63fa107c467aa2f3889f05a1d74015ab5810b

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ms.dll

MD5 45377dbb953ebd20c910902a28a551e5
SHA1 4504b2914f0af6bb97d8f83ee038f422119cc475
SHA256 cb63efcf7a0ee6f90ae4f98d3f293167bb0abb6bcd7d7a98abdbcabf05a0b6ad
SHA512 28388943807be044e573982c08517257ace39e47f62276dc875733ea60c0966d91d626e7323875cc31d7373ee1b43d091ec1c7f246c5624b5912986d59b80260

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_mr.dll

MD5 b83085d4048276a9b50fbe86b03adf43
SHA1 2676798d1b4618e3e368c0e134d0447bb401fe3c
SHA256 ec1cf480fa641e4dd357e9ba40dbda77cd2308290d3a1352c9276e0238bbc879
SHA512 ae14270fd418e52c4f8e869fdeb705b65e7c4ea77806edf323f225a233ab6209df1f41e87da34f7d4e3a1d27e3684398d587d16fed9de1aa8c6d97f181b1cebc

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ml.dll

MD5 e9ae14f275b9466b4abe1226f6e58edd
SHA1 d78d898a1ad8056a88e9b62f29828c147e6c9499
SHA256 003a2deb8fd80cf3133e9b885c3c5e193eca49357c6b184cdd459268a4ae5bab
SHA512 d2fda17280433e14e745780690b430824bb9637622c5a6fe9ba7a4ce2ff7300ef73b59bb05a903a28b671aeb234e0a81bbae73526f6ade9802c73344d67981e3

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_lt.dll

MD5 1fc15d6cd66af672888db7dbdb5424b9
SHA1 ad84f210ff0a73dc7a439969b915e4d8484a4eaf
SHA256 55a3cc193d9be9e066bd8d79e194fcef5a0b47e1fcfc66e1ae861f509cfddb8e
SHA512 a1f37897056416f498f4290f21f34fc9f268280a39c99a0a94e8c4f7dcb05da1c0f88000aff3d8582ed1a00507bea05959f0ba7e7098bdcb055beffc897d8e46

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ko.dll

MD5 f4680f24cb49d6e4d60ea661dd5050d5
SHA1 f02bc71a6017c8c68ae430f617fdb596ff3da415
SHA256 f70bc35a85e9a17387dfb54990ff7fde87469b8b955d4a27d191f10bf09bdc73
SHA512 ef50ddb01294972281ebf7535d3a3c55642b3181ed28b422ad003d38ab4018ae6974744538bacc4da20128f6c70f29676dc803995a8afb38a9c11203e0f43c48

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_kn.dll

MD5 9d17cd27cc1e85ff52e7334809d15e8a
SHA1 819b3ed2968babae154af83402bcd710c04bebf6
SHA256 b03327ef6b5ede5ab75c2f38c8d21253220c9a97d3e678930f574bfdad37abf2
SHA512 81203288d0c4ad9141ab6939ddb3c122cf8e079b617ae0f8cad63c3bb8ac0391a925daa362a898ad9fb92a7466cbfac7eba66decbc2f52b2344bcd3886865b6d

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ja.dll

MD5 5ace7c553818885d6d71ffa2f9493a86
SHA1 0680f7f1da209c16383c9223b7e0f993aaf68121
SHA256 e7194d8bf9f6f2a0e91a3614e189e664f18a4d3708efe247accc41a999ce1ea2
SHA512 1a886b516052b2ddfc832d4e5cb497f51f495be4fdeb3959d763c62323af40556795348b2df74140ddf2f5a5dcf9801009cd8ae7cc534e7078c95831bbe24293

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_iw.dll

MD5 dba251c2816ac398780dc82c71eccb7e
SHA1 4e7672200547e8bad5f79f08ec2306d5b38adc5a
SHA256 0e4577ee3dab91f4146b7adc930db6f5a6196b15088eaf85165f3cd3d5acc767
SHA512 c5a5b6d19cf608cbd55d5f49fe4f287ca39d1dc7a12fbc964170c648832215c7ad69a82b4576a34acb18f63a6b3566dea9291b0c39c616fc4ef41588f6a01c1a

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_it.dll

MD5 44eaff00934dd8c2dc8b85ee71a2d211
SHA1 6840488de77df1808355b78eb8595a1c642d0139
SHA256 76c6d0757ab872f7e4b7511ca560954807ab54a9b79c7f4dc09eeb7ab7aada22
SHA512 a7339546a4030a27c37b39c19924318f5903bc326eb024ce3f6eaed6dd8e794692e52095d2e78cd2b910ffe195f7e22d801ca56ddf0863c6be619d5d0419a616

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_is.dll

MD5 cd14c40103fff4f09af4b17850055d9f
SHA1 dec6af9ec8a41b79578c08bafcbdc7b06808e569
SHA256 807c80aa1100a7c40b8e1cf8f94ad3b3d677e1fb34d0ed297c6d26197b9afd19
SHA512 88b0cf0174aa14827ae6e75aa4d1cdbd5e274ddbfbab18f0ed7f4f28e7c5febd9f245c1d2292f0a0f38731eec7892723cce070e75f31709a816eb3a2e129a636

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_id.dll

MD5 f96e860939d18c6d603b4397d616e284
SHA1 d4bd4cbe62f4a03ba685c4d95188e050e1bc2aee
SHA256 bd072d16830d713928202f4724efcad43ba7c6ac13054845325fb5b5b078cc32
SHA512 f52ead1a5c7dfe3ecfcba54a30e2d827983a56ffd20efd2a4da8ddf2a2be7a1bf6dc6e0b00e89f4b260df7ded2c900c91f1232a1938c81ab5dfdff52c4e41057

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_hu.dll

MD5 e3128bcf0e7158a2b7928638526d676c
SHA1 9e1cbd1a57c15c818f6f450eed0b98cb2ac4d83a
SHA256 9cb66703c17e759ba375918802d7024e464dc0b6ff27508e55134f6e175f4098
SHA512 222e47b25aa7444cf034c479b8f1b9a3e59d428331d36a89a39dbdb82915bc88061be7474c9371b808a33d58e00c37569d269c832e76ad684bd10b0512db6540

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_hr.dll

MD5 942d46bde19225a121050713fa4e7489
SHA1 00a7b54f512ecc1bde75151874ac2acd40c842b5
SHA256 d900010dcdaf794e4f9860095444098d333670e7f5b9fbf43d3c509ba00a0310
SHA512 d319599835215c4be56f6633d4500098780cb4f44fa4616dd1e68e910dc25d9ccae11782a80157588206960ea9452c3b1e01cf8085e5426cfff6851aa5c5f8a4

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_hi.dll

MD5 bd236e310ac09c204730c8d19c9cc9c8
SHA1 50d366ca989932c048b27d152a1aa14fb0e279a8
SHA256 5680d48172727c09337bf989a3dee0f3d208d50051da680e21e119ca638719ce
SHA512 187842cca331e99f15eb30748304ec9afc815af4b690aad72f10d66ee7720930ee1074744d54f3a92a450aa0b7c57d62dcb1646f34a7b6337b2775b91b83c084

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_gu.dll

MD5 fd9ba30d9faecc531196ec3947af5bca
SHA1 f9e70f78bb184df133926ee7a9062365b500367d
SHA256 6849d9f5d4071a721f50f710b0368b9bdb3c11c8ca7af3ec20159c8cbbc7b080
SHA512 c9b1f076d285ceea3c8a5f70ef1f73208d6b4cfa47be797aef9f0cbc6e867756678b1223e9e073f953ac818ccd30f067828e1e95d37b1c539874e12951b47f6e

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_fr.dll

MD5 68407e546d792b1acb458f80584f7b3d
SHA1 2b1b704b32b71e704b6ddea92934a725394dd63b
SHA256 a1433572f2663564e78afd08b30c3b4d54e665de686472822dac9418f1c86f6f
SHA512 0922c52991edc9011ccd17910da82a5ccc33f741a998400862fba7587d0e48d340247bcf7bebd62fd000a70697405f90c138bde5c0756e069c19ad83c3b198bd

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_fil.dll

MD5 a59dee26777edd1c57bea14b86574677
SHA1 b15f3d311af6605f1a41489f5c284cc4877151f3
SHA256 1ab0025299074334b74000134698678f1baa1a5411aff2a7cf8e24bf55012794
SHA512 895c2a02441397651df09272372a26b099a0ab699ed1a29718a1a90d437dedc3eb1b46fffdde91767f2d2332ecd32c882f65469d8b7a1f857ff08f81d604c225

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_fi.dll

MD5 d8e017c6822f8174ece2cf8eae7a0491
SHA1 46031ec2a7250b381ef9896c923e6c88bd7a3dcf
SHA256 bd68a0cfd99ad7bbc0113c402ce8496b12deed64cb70dceaf07f463bcfb4d1f9
SHA512 b05369498c740b0f1e838c930c8f0453fed4f86e134be1d17d904982df8a547dea9fa6f987a8a5f7e8bafbba296fae3a31264244926b8176200e1de8b042a37a

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_fa.dll

MD5 684aaebfea848089c00067c35ada212b
SHA1 f274acf09755f8312822451bb42e15a12962c961
SHA256 eecb88f50af6fb8a8d1cfdc9634f51daa19bd2043ede11155f3aca0498002f08
SHA512 fb17021ed6d44d9fef25bf3c973c790d33bd86f8b3a34dcf299a841a1edea9515a9c7426bde5e83530a85396f05f8b184795b5fc78f1228b89ba06ac1406fc0a

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_et.dll

MD5 563379d1bfce79af192d69be4ea6e174
SHA1 cccd55328a2cec7e73383bbdfa4138103e199985
SHA256 3b6db8fc9849acd2f7bef58e02b5bf3389610a6b80160d9524aa858130bcde1c
SHA512 f233c2675390bcf64fa203cc42fbdb79c0bf39fac108c8bb0d561e1c0a631d83dc44b9bc863879f82b92da91913a85333637385beacee6925810e3602cb20f00

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_es-419.dll

MD5 85279c5d2242d2bf3f0be7b591045968
SHA1 34dfb454c905a038038e9322db899d4658329331
SHA256 369267a8613331fac8f4142f348e36ca74612342f79c787bdf1b7d075321a37c
SHA512 41f63ee1db5c3d56ecdeba45d944f9c5387bd9d4bc21062248b630b458bb4f995d32f6788bddcf7f1751f49a043604b3a921defd4e88193dddeb9d880d1b6b75

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_es.dll

MD5 0ba52f10a9b1563da8a6aad1ea860741
SHA1 4ac168f6413b6e792c17428c02e2407bffeb581a
SHA256 a73f0498e5fdfd99add448debf2a6018ba638851acd72279b31394be4c15bdf7
SHA512 80f3c6815a1fc0bf55f5f08d5526fb8a2fff4e3903a211b69b8bfdd5228952aa6b51b83c1011a3f12da779372fd56822fc0417bc798e86ef9c5a401519593a6c

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_en-GB.dll

MD5 9a8a2200ce8699c2be333012019cf7cb
SHA1 43d0fb262db6feca29366a7a4e0b4ac98f96a49e
SHA256 5f6e4ded5c15af9bab11794575c68992d2416d8cadfd584bf574dd949a6f1916
SHA512 232597c9921e76f8be895be25df14b7c7c3431eb5b9d245206b9e62671113327b5e5b3fe1de41bb4e6fa7cc8fdd126d422186b3f50e5686a63a9deb91c679afe

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_el.dll

MD5 5b6853de481dbf7bb6b8633a26f3c4af
SHA1 3275d88d6145beb1bbf6f8253840b91bc86a6863
SHA256 b5f08551eb3171596224b4e198f1c884dd3f6b25634b87d7727ec84b1179c8f0
SHA512 19444fc8e94a2615ca99b142bb5611c1ed4952270c351c57986deea5a72bbc092d3e4fb5024c10d6268b39e777358e64bfda9d877be21d7891fe42e987e4d56c

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_sv.dll

MD5 aa33922ed44a0c30ba931bc19221f7ac
SHA1 e33f771cafc334118a4833d852664821ec81c90b
SHA256 51858094e3c64d3a91c0a5ef4755fdfab11c909acab70e7c1aae1e0ce467f48d
SHA512 05b707757b9bc4dd852754cf692511c60c26a1e010fdabde1cd00e34e40671e7fa3bc6b62330e75f932fed90054227c758bdeaac53b672838585d874ebdde913

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_sr.dll

MD5 294a50b5565de738b7ce94708f143189
SHA1 9a8fed6c538253b98074ac94c71899efa1524ea6
SHA256 69844673c7ab4a767403c331cd2a8b64ccbce8f42682125ac358aeeab4d0ac72
SHA512 083911704505e8b247d17aa06c8a3a8e47ff2f7a3af5bb7c34e838b0346ae103c8302e85bdb005b06df418fa719d5e04e65cc1d190ccc7f0a96975621f312a6b

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ru.dll

MD5 66ee9d39a2234f017d8cb7f3429b7895
SHA1 0687e3830bf823bb5102a13689bec80a77e9290b
SHA256 9045ead5bb252a66b3d5351da6d6f0a5d0c41354d07e0d7346783c371d1e26bf
SHA512 d7f79d7ff6780e7cc0460cb466bf0bd34174ee3cc7a9258b0a79b921b92a8c549d9b3f5a593246841162ea1affe609736397750c407dbf015eb289eefc0ab21a

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_pt-PT.dll

MD5 fa41635c158b5b0b586072db4a878901
SHA1 96479ea156dc7d7710880e9b1caf550020d3cd3a
SHA256 8870c38ce5ae1d5e2b34623c67a27feb68bc60c0bbcb84f1f1ca6680af1f0501
SHA512 f1ee2658474bd02e1c3c3da8e207384e8011ab8860e425786218f342e67211ef5e09658886d8fa761993448073fdbdaa66b87714ec893e35fd7948ce21b37808

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_pt-BR.dll

MD5 0fcce0c0b470fbc5af1548e71ba45a58
SHA1 a424fad87682ba4f000053c449dd605292a4de60
SHA256 2e2061554b707078b2c5a722522d9bc044d35a3d699573f6714ba6fbc0a089f0
SHA512 a9ed2b9e4c86f01eb647e74364ae7c55384fb86b68ce82c74e8e1ec003d1a6e9681183dec34aa4ccb73f5cba5cee6d0704a86dcde19537c0e5a9dd5919f69c52

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_pl.dll

MD5 c646d4096c79e17993b331b2e7eb0fe0
SHA1 96f53bd74844e9d324bfec8805716ffc1e9a5f67
SHA256 bb1534205d383b1063c86b035a4f9fcabeb62107d9df3856e677b00d6482f74c
SHA512 a4d35de99e0dbfe76f39605801077c1a6a5d69e4ff13576646f951a366c43ef0032babe7bf3e772df928886a564d082c0daa2c635606dd57e42c0d2b7723a90a

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_lv.dll

MD5 a5c9593d96ea6a7cc51405ab5530885a
SHA1 7b9fce2fb990809530b4acb653544f27400ce6a9
SHA256 0f6d852fbaa2f379a119f82c9f73e1797515357ab84fd758d31f96f0700b44cb
SHA512 8bf5eb8f60e4b9c439007961c1c97680d10344cd224ff9c8df4d542d9b15d4cca110a9dabdea62faa049356c31aea5a9727c2c0372db5379b9a681b956ed47fc

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_da.dll

MD5 1599367d37d000dff381bc4b1e643ad5
SHA1 509ff6e8fea16f93290867389bb9fdb911915cf8
SHA256 c65fabb92fa027943f2d555b807ff34e816c0738fe920ea70d72a8d1efd280d7
SHA512 99397bb8245ed6009431800dfab136bd387892d8e140fdc99473b0c15e4e3692d39246c5c13ec2d8a645bc0f35eada9ed8c08e12e2057d1395034f9635b57b23

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_cs.dll

MD5 2a9b6bee11e31d7e6e36b2b03e4f383b
SHA1 e8649b8532817605df62cef8f365a2e9381ec4d6
SHA256 0b6c449ea5e2f32fb297b39eec297d60ea5d85bf4dea7963bd7f981c0b9b6a3f
SHA512 ba31a0c27d1862c5ff1493b5627a5496e485f9b7976ab3cdf51ff6602726452f68cafa590b64879d12c728b010fb78de53f60d8396f7b57e62cb5ac5ec4fb2d8

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ca.dll

MD5 09e3cb57ceb2819be59e82f0b29efb9a
SHA1 2cd2ee73aaaee65aaafb7f007f313762fa88e07f
SHA256 15b2834475621f43969f8cb40f84150dc508ced9bb57d1efc48b075c38419d6e
SHA512 49b4c4e22f42809e09e3468f48a7d93478eb7dbaf29c24ef5dd3ed8da387626f2d7bf7d90d5b9c284ad47861acd1ea2bbddc329e1611d559a87e24fb8d7e965b

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_bn.dll

MD5 8c4b478fe3821ac45cd134d92b8bac47
SHA1 7d08f0e91d0c5ced0ef9e346e8093fbc407bdd4c
SHA256 bba11848ad429873da1a3d32dc64b39bfbf2204217b37d3a951b8d4b71d8a1b9
SHA512 a9c82462e95f5265db717c410146d74376def92bf35c9fe4a80df4f830e55d4e192ec9104fd4ea155c0f29e7a96592c7a3bbbd6f6c4b786f38ced37d472e192e

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_ar.dll

MD5 365df593c2bc2b514854f019dde61e40
SHA1 bda25bd8c5133b5cefbccf7f4f077d751ef792e6
SHA256 86eead46a325521737024d0d5a98627123ff2483ab28dba3003adb0a9357a389
SHA512 1f98ecef06c3f1bcf8c1d3e8929b5584e1d81e5bccf1739f11d072c235988ff959c62b6c84918ed83700d1a922ce74dbc65f238dfd60c6db9e44b3b242c2439e

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_am.dll

MD5 38d05754a2769ebfa273a504d689f5d0
SHA1 7164a820b9c6539e1a10a820d76255640e822824
SHA256 f9785f026af490e2fccb492568f525f0fec19aa7154dd356607dd3f017271a87
SHA512 012a8bc31cc65b609976d1512200e836896292d0b28f4b7b0b41091f130787d74368afaefc7f467567c74ce26ff02b2661a0f80a3fca92094b1990e10974a6ff

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleUpdateComRegisterShell64.exe

MD5 e8f2a11072991c7849f1b5a3b06e0b0e
SHA1 4f42773ce56e05406d086bc427936ae21fd46839
SHA256 eadaf98f6e10eddd93a5ae75f06016cb28c2c26d59a33c2db9c1a3324246dbb1
SHA512 e3e033158189f044fd24a1aeaadc27216c6b9bb38677fde87bf5c702bfa9d492f32b5a8565492e2c7fd5175fe8aeb63c951251c5f5207e95e09c0b7e854fd9ce

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleCrashHandler64.exe

MD5 7bd9abfc8a31fd0ec1e674feb7ad2b5b
SHA1 1f466c4d5857a4d454780d87dea58d582ebed991
SHA256 af0d678cf5d4bdd7a364e95460eb46e94f67a5037f4e4ad28580282c22f17812
SHA512 4eae644ddfd8ad43255d5e87a07730e7f5277285bf47107855b5a6c736c33443c8ed058a931a222ee19a22d20143b6c5d25dcd43717fee875c03cddeebc02429

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\GoogleCrashHandler.exe

MD5 36cb86775385de4d906cc13b712486fc
SHA1 eb686b0067eb804c9120d25004c959f938d10f29
SHA256 6d67fc790835b85e7b14def65958d9b30e0f6e6bc6d4ead40960a3ca993353ed
SHA512 6668036c67186d408de51c41cb42c1c25efd1244e3c1f9466ffbd383acd44e1eb1ffb046ffc272fed058ee3b2a6caddccc4d2e5a206cd5a9f9b902d94637c98e

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_en.dll

MD5 4f4b37c0e16050aa4f7f6b4d1feb44bf
SHA1 6f79df7f09795618d8c466436dabb3353086dc77
SHA256 72ecc90cf005dd570bcc1588162e6ea090834ec269264e0bb774e1e6f9eabef7
SHA512 b84d02fce7ad0ea02c3eb9fecbd68e604328cd9d2608bcb789859452926c2ca6cb9a198ac552d0249244c83b2fc203b752f30758507920c9a64cc81395ed59bb

C:\Program Files (x86)\Google\Temp\GUM45D3.tmp\goopdateres_de.dll

MD5 da46ebaf3961df89d355eaf6fa6268a4
SHA1 1b18e1fcea322cdbbdc5bb4dedc56dd383bca90c
SHA256 14b5f6c69c33c45246307609645a9400aeec8a4e4ddb8bf5cfc8cccc2621e5c4
SHA512 7cdf7b3a76ba91d3bf9b3993f3750ff4562eeb2ae7b9057a75f943b752a281d10d4086dfa3c0d9eb1a1351f2486090d7b65b8b2b498b5c214b0099d5c0f74911