Analysis Overview
SHA256
ef7524d3b360d66dea74293d427dd93444a4aa1496dbd7f0ff0726f6da97893f
Threat Level: Likely malicious
The file o.txt was found to be: Likely malicious.
Malicious Activity Summary
Downloads MZ/PE file
Detects Pyinstaller
Enumerates system info in registry
Suspicious use of SendNotifyMessage
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Opens file in notepad (likely ransom note)
Modifies registry class
Checks SCSI registry key(s)
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-20 17:50
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-20 17:50
Reported
2024-06-20 17:53
Platform
win7-20240221-en
Max time kernel
121s
Max time network
121s
Command Line
Signatures
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\o.txt
Network
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-20 17:50
Reported
2024-06-20 17:53
Platform
win10v2004-20240611-en
Max time kernel
149s
Max time network
150s
Command Line
Signatures
Downloads MZ/PE file
Detects Pyinstaller
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Checks SCSI registry key(s)
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 | C:\Windows\system32\taskmgr.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A | C:\Windows\system32\taskmgr.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133633794792998167" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-3665033694-1447845302-680750983-1000_Classes\Local Settings | C:\Windows\system32\taskmgr.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\o.txt
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=4416,i,6870419347051655189,5491911050420577193,262144 --variations-seed-version --mojo-platform-channel-handle=3776 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7fffe543ab58,0x7fffe543ab68,0x7fffe543ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1708 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2092 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2268 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3124 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3148 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4276 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4516 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4668 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=4620 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4284 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=3296 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4852 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=5060 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5416 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=5548 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6068 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6156 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5920 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4328 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=5724 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5160 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=5812 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5872 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4896 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5512 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5172 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5240 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Windows\System32\w3kwab.exe
"C:\Windows\System32\w3kwab.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1796 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=2680 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=2572 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4624 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6360 --field-trial-handle=1668,i,16357392324640514385,7586818111285665628,131072 /prefetch:8
Network
Files
\??\pipe\crashpad_3948_XCBBGKTVQUHDODWO
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f3414bb8cd09b9af7b610557652e2633 |
| SHA1 | 404537aef2debb27434ccd7340aa0ccd6d74cde2 |
| SHA256 | f55e673c41c58734ba8dcf70376eacf4ecc7f204d41e7875ed43c32d786879d8 |
| SHA512 | 19ef1cc310454ec38e58d03fb05aa941a5d91ac473d7b841a30368ece6a54ed7cd2c7f586abeaad7ef4c60bf2092efc18e9d9929b7c6741677126357679f675b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | c0fbeac68410d2b87138d6d8bb6f6742 |
| SHA1 | e64879c1b7a126fe5ed47e1e2f7b2cec9b9e77b6 |
| SHA256 | 76c47608a60b6e1cd61564560008cea4643897afb3069dad536b1fd19132c199 |
| SHA512 | 8eefb3b5c2fc6c754d212349edad63565d2851a68da7498cfe728a0a8db576de135e9aef5375edbca1badd79f91fd88dcf28fadb7206e3e049230dc73af5939e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\Downloads\SolaraBetaQB.exe
| MD5 | 7f5857c325382d087fca5ba1ee335219 |
| SHA1 | 5fdcce865adc1e4307823a5561c04f09df12b9fd |
| SHA256 | acc2934714f9e65e9565e42fe41b6bb6e06269da74769c346c1f3502d794548b |
| SHA512 | 4839e7fd1c5b91dd68ddf7983b7412a281b47e1517a17c94a5842a06b08a82063a0a6819f1a741d29ffa13474b37486b9e3dcaaa3e5e1501af651f57688e89f3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\37ed2910-4a43-42a3-a579-27681a857be8.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity