Analysis Overview
Threat Level: Known bad
The file https://erofanx.com was found to be: Known bad.
Malicious Activity Summary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Enumerates system info in registry
Modifies data under HKEY_USERS
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-06-26 19:35
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-26 19:35
Reported
2024-06-26 19:36
Platform
win10v2004-20240611-en
Max time kernel
100s
Max time network
101s
Command Line
Signatures
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133639041543935510" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: EnumeratesProcesses
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe | N/A |
| N/A | N/A | C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of WriteProcessMemory
Processes
C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument https://erofanx.com
Network
Files
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | c39b3aa574c0c938c80eb263bb450311 |
| SHA1 | f4d11275b63f4f906be7a55ec6ca050c62c18c88 |
| SHA256 | 66f8d413a30451055d4b6fa40e007197a4bb93a66a28ca4112967ec417ffab6c |
| SHA512 | eeca2e21cd4d66835beb9812e26344c8695584253af397b06f378536ca797c3906a670ed239631729c96ebb93acfb16327cf58d517e83fb8923881c5fdb6d232 |
\??\pipe\LOCAL\crashpad_2308_DLGMGBCCRAVYZRGZ
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat
| MD5 | dabfafd78687947a9de64dd5b776d25f |
| SHA1 | 16084c74980dbad713f9d332091985808b436dea |
| SHA256 | c7658f407cbe799282ef202e78319e489ed4e48e23f6d056b505bc0d73e34201 |
| SHA512 | dae1de5245cd9b72117c430250aa2029eb8df1b85dc414ac50152d8eba4d100bcf0320ac18446f865dc96949f8b06a5b9e7a0c84f9c1b0eada318e80f99f9d2b |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
| MD5 | a031a5a88b9f547d1646d8adcf1710f1 |
| SHA1 | 5d5fe91ca1735fd35a90ce375976536b834dedda |
| SHA256 | 42fd444f05ea0b6c4b9cde19f4ea9992594c4413ad153321b20cd6b3d80d0eec |
| SHA512 | 56cc46d918e90ca643aab0f041346a54552cc1feff436fd7a29e50d41b36e8ac6cca5a5c0743053e8a6451bceafb9a81ed43159ca5b0129e9c18902c7c292092 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT
| MD5 | 6752a1d65b201c13b62ea44016eb221f |
| SHA1 | 58ecf154d01a62233ed7fb494ace3c3d4ffce08b |
| SHA256 | 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd |
| SHA512 | 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
| MD5 | b935d3d19cc565faa412ba1b1bde7469 |
| SHA1 | 8f294dbd7319c43db7569e1d3af2ce878897948a |
| SHA256 | 5c9115ec4aff128a59c7024544940f7c2926704211aea9f4a67327fc9b9aadb3 |
| SHA512 | 5f9f0009d586fedc8826168b6fd699af83d0d16478d9881b4b49b88d8bda09afe997b72205c8dcaded14587f943ee811284b8360ac9d74fbd159b2a65e007a54 |
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Variations
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Site Characteristics Database\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\8b5f0c82-04ff-4329-b20c-ce6398c5d42d.tmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000003.log
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Reporting and NEL
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Cookies
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_3
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager-journal
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Extension State\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\WebStorage\QuotaManager
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_1
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\GrShaderCache\data_0
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Platform Notifications\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\000003.log
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\000003.log
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\shared_proto_db\metadata\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\000003.log
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State