Malware Analysis Report

2024-09-11 09:19

Sample ID 240623-wp2tqssbpj
Target us.txt
SHA256 f4682ac003ffe913d397b9f2f5d3a4e251feae26e704827e1f495d9240b17e20
Tags
score
3/10

Analysis Overview

Threat Level: Likely benign

The file us.txt was found to be: Likely benign.

Malicious Activity Summary


Enumerates physical storage devices

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Modifies registry class

Opens file in notepad (likely ransom note)

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-06-23 18:06

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-23 18:06

Reported

2024-06-23 18:13

Platform

win11-20240611-en

Max time kernel

389s

Max time network

389s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\us.txt

Signatures

Enumerates physical storage devices

Enumerates system info in registry

Description | Indicator | Process | Target
Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies data under HKEY_USERS

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Set value (int) | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133636396170993354" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Modifies registry class

Description | Indicator | Process | Target
Key created | \REGISTRY\USER\S-1-5-21-1276817940-128734381-631578427-1000_Classes\Local Settings | C:\Windows\system32\cmd.exe | N/A

Opens file in notepad (likely ransom note)

ransomware
Description | Indicator | Process | Target
N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A

Suspicious use of AdjustPrivilegeToken

Description | Indicator | Process | Target
Token: SeShutdownPrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A
Token: SeCreatePagefilePrivilege | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of FindShellTrayWindow

Description | Indicator | Process | Target
N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A

Suspicious use of WriteProcessMemory

Description | Indicator | Process | Target
PID 5088 wrote to memory of 4784 | N/A | C:\Windows\system32\cmd.exe | C:\Windows\system32\NOTEPAD.EXE
PID 4908 wrote to memory of 3336 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 4776 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 1640 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4908 wrote to memory of 2412 | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\us.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\AppData\Local\Temp\us.txt

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x10c,0x110,0x114,0xe8,0x118,0x7ffa596dab58,0x7ffa596dab68,0x7ffa596dab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1520 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2108 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2188 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3052 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3104 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4224 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4376 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4528 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4412 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4764 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4896 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4912 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=2440 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=4880 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4900 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=4492 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4924 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5044 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5228 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5428 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=5368 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:1

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5672 --field-trial-handle=1760,i,9010718235512015705,3886218678483694799,131072 /prefetch:8

Network

Files

\??\pipe\crashpad_4908_XHSUACTVXLMYKKYV

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59e96c.TMP

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
