Malware Analysis Report

2024-10-19 07:23

Sample ID 240702-g4z65azepb
Target piggy.png
SHA256 38ce15ff72fe07a74ac9e4692fac7c0b964ca3c4f6def07d942fd94ecfd80981
Tags
Score 6/10

Analysis Overview

score
6/10

SHA256

38ce15ff72fe07a74ac9e4692fac7c0b964ca3c4f6def07d942fd94ecfd80981

Threat Level: Shows suspicious behavior

The file piggy.png was found to be: Shows suspicious behavior.

Malicious Activity Summary


Legitimate hosting services abused for malware hosting/C2

Enumerates physical storage devices

Enumerates system info in registry

Modifies data under HKEY_USERS

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of FindShellTrayWindow

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-02 06:22

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-02 06:22

Reported

2024-07-02 06:23

Platform

win7-20240508-en

Max time kernel

0s

Max time network

0s

Command Line

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\piggy.png

Signatures

Enumerates physical storage devices

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Windows\System32\rundll32.exe N/A

Processes

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe "C:\Program Files\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen C:\Users\Admin\AppData\Local\Temp\piggy.png

Network

N/A

Files

memory/2988-0-0x0000000000410000-0x0000000000411000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-07-02 06:22

Reported

2024-07-02 06:28

Platform

win10v2004-20240226-en

Max time kernel

260s

Max time network

288s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\piggy.png

Signatures

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A camo.githubusercontent.com N/A N/A
N/A raw.githubusercontent.com N/A N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133643750243755581" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2128 wrote to memory of 4788 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2128 wrote to memory of 4776 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2128 wrote to memory of 3744 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2128 wrote to memory of 3560 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\piggy.png

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0x11c,0x120,0x124,0xfc,0x128,0x7fffa5579758,0x7fffa5579768,0x7fffa5579778

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1816 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2192 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2288 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2964 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3276 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4676 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4588 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4932 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5144 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=5464 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --no-appcompat-clear --mojo-platform-channel-handle=1344 --field-trial-handle=2356,i,13261194862334667799,7441241219475888176,262144 --variations-seed-version /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=1212 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3512 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5844 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5968 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5296 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=5688 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5980 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=3268 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2968 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=3552 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --mojo-platform-channel-handle=3316 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=4708 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2928 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1720 --field-trial-handle=1900,i,3914607091036996346,17505769726658064430,131072 /prefetch:8

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c ""C:\Users\Admin\Downloads\word.bat" "

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Windows\system32\notepad.exe

notepad

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Windows\system32\notepad.exe

notepad

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:4528 CREDAT:17410 /prefetch:2

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Windows\system32\notepad.exe

notepad

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:3704 CREDAT:17410 /prefetch:2

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Windows\system32\notepad.exe

notepad

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Windows\system32\notepad.exe

notepad

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1764 CREDAT:17410 /prefetch:2

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Windows\system32\notepad.exe

notepad

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

C:\Program Files\Internet Explorer\iexplore.exe

"C:\Program Files\Internet Explorer\iexplore.exe"

C:\Windows\system32\notepad.exe

notepad

C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE

"C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1004 CREDAT:17410 /prefetch:2

C:\Windows\system32\cmd.exe

cmd

C:\Windows\explorer.exe

explorer

Network


Files

\??\pipe\crashpad_2128_HUBWEJXYEYYDHSON

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

MD5 99914b932bd37a50b983c5e7c90ae93b
SHA1 bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
SHA256 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
SHA512 27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 57ebafd2cf0e999fc097fd93914f39b5
SHA1 f074d905f3768523a067668c5e196c3a41ef80ea
SHA256 5f4e2c551ad65adc372606b2e7f8f74d523997937ab0ca178e499c228ef60fdd
SHA512 4b731135ddf412f30b66ecd5769ec7365d8f593462ce7fa9e7af2913b5d1b92315f8642c9390ad234d52d65153d772846c554018de715d239efa26f627c4b67a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ed586b3ff5511dc185a3b9aaa92a37a
SHA1 a06f0e02c304db137015ef857110f581f2fbdbde
SHA256 a4e5d2d99d36999b1a597268ca526868c72fdd05904f10a93fc301f8dda436ec
SHA512 0371ae86cdfd007bbadeb3f28579d7b5ef108bd9daaaa86f27a6bc6b2acfb23f78ade09e006dfd7ba43ba7e7c720d2a1491b2772e9a7db890172a0d0dc4d965c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f02417bc753ccd28a6f6c4378929c273
SHA1 f8cd52085caf48bad7f6ff0aef94c97b837c3891
SHA256 f69c397fa4398d92ba09d48370a08edcb76d65d235a872bb00d56f8f54b18dcd
SHA512 ab15c376149f63cb30e32219079b77f509b451a01d67d23e5942a6af68bf6a0a01cd890c28e685b7800f68c05bf09e741fd9db959e093309e853577fcc668640

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f9de96e920374ecfe0100a6cf9b566c6
SHA1 938b447d2f56812f8e2e9ec508148d5708702446
SHA256 cc5a32e0a4e8adbfd6b2b3d22a90e962ee0792e4b63655a9e4f3379eb66b0c9c
SHA512 4935c989bca3823288599e657946f3980a58287a7fb8195008aaa155fcd932b8917eca9d2fb1519a1ea2e2afc512bdb8ccfdabe1c9e6350d8d0884b964e0490b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 da12f9cdfc2a27e7322fd891cc85e98a
SHA1 0dcf90d0242c3065f2e639e234e5b74e4e561668
SHA256 f7c973f79600ba13b60252ff4ca16af07dd963c4cb0b16c205b9a3cac42095d4
SHA512 9445a070de663f2aa801cb3d2e0e38bc7be2823ace20ed968b4b63a51426196a9f0927c293e5abbcadf4e06708dee2926b34359328297fc5f69f09ed944817c5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b8799cca73efce90d295587025fdd520
SHA1 441113f1ed630c57c87d0e749eaf1d2694862a68
SHA256 f6ab19c2b4f1cc5d253649bcaea517676c3ee52dc41e56dfc91f41c6f175ef2b
SHA512 0318ce8bebadbd7a27b154da1e259c7fc95a580f2364fcb46c4329ca7654bfb67990e641cb29e1e8ebefb961939ac31a8405947ff196139b1858dc1d4c4effae

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\f2b7291d-548c-45e6-b1e9-b3e967380cb0.tmp

MD5 d2511ca3a7edaa0815054a3a28263a83
SHA1 f237589b3def30d3e28a864d19921ea829b48ceb
SHA256 7256196862c365d3d6dfd4c2546cd25b2238b06c6bee3ad65099613a0df50d86
SHA512 238d47020b622d58f23208f65d323885c2d647d5d429e6ed6a990c52335909d4318356a31b891539f8bff2a136bebe02b1084bc5942def10e429ef54ec2d4f7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ca45239f1e51c85b99e5042931d5fcd2
SHA1 e1edb955724d46a4503ff40b5d61f6fa9bcf6790
SHA256 60175de2c9799ce34aad3108d9347bb030d2d79f957fcb30ccf044cb33f7e617
SHA512 60ef740e2687820792d885d10cce716219bbbcf827670ed3769cd7ae5e19422c2481c7f8bb128a0a12fd6dd777ee8b2249f9e71ff0d6200cd09cd63d173db13c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0e62cdff48fbaa2a7a88d9c07f44190f
SHA1 9752ae7bd59528b0ec2320b3e24b596853f2709a
SHA256 a441763a925aa2fe4ca4c0e96b24322bbd7f4375437773ec131130b9e445f745
SHA512 93638884750cbd762d42b8d668116247959695f084ef7c16ba6f2b893b61cdad42c9589a46c02e9c5839e207615c627644cd5ed899cb0c5ad8bac90f8ef067a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001a

MD5 8f5c02a2d7cb398342851ad2ca3c87cf
SHA1 21b7243532e43301a97ec5cf0d11e4d621b0d784
SHA256 08e636b5f642629c05ffe78ffb5f1b808fe37fe9a7b37409b11bb95e7990ece9
SHA512 348549184e00dd37d1217bdaed5fed7faa08362c3838ec8c0c2469359b659c2cae11d5aaface994499195b38412e1c07ee2300e531f2cc552e2d14761418f27c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001b

MD5 d3ce8132fff199a89682d53d7c7f33d3
SHA1 cebe2b4b10cdab32d5e883b51e21f4c8c62af86b
SHA256 24f1cbb7ca9a5e6ecbcc90504ed4c768ebe3a8ad2def99b58ea7cc89bc13813e
SHA512 4e5768a5278c732bf4878457d8acdd39b5b0230236e4577f856e5757aa38a508eab84c7f6b8df853ed5c4e9edad8d0233bbb1358e7b9aaf2e59d5ec2498791ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 45f0c79fa4f7dd86ab38988e7cd028f4
SHA1 ca1207f50d323617086b4a289681ba574462ea43
SHA256 85ea71a7b77b9c93eb108435bcb04c8cddae3c2fb2d25cd7fffa4a137aa6a0d0
SHA512 b7f41894406409b87e78cf94d96a90568d484a878b13f317260dd1897322f1e6e31a4fd98a17c0a259eee81256472c0ae5119dec8c6d722a287e9c0b1abd9d81

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 879007158b74063e87127a502ed82793
SHA1 6f6a1f311dd593534bbcab1d2b1610797c281a4b
SHA256 20c0e60f7566f57195a9a6854c295f8e41323124cfb55f1a3efe42c9a8f9d97a
SHA512 6cccc2f056d170dd4127f2c59deb79acc081aaa6eac585d1a2f0d00ae79926aa2e22e49783ae406b309f4fbfab890c0e48dec7518409858841b6ac73c105f5b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

MD5 ef0ac493761f45576ac0031312ae32ad
SHA1 d6b35fa6204905f1243f4bef630982cf69f75268
SHA256 6fa1ba3e0a61b8dd4eb098639fcb56d1faead3c324cb46a1a2e320e036e0ab1e
SHA512 03a6428990a1512c9547fe11423882827d0798dc02be3e6ad4ea13cb8053cf54843c7cab980168d8e8a934d65edb7ebc6ae311fc64aa67c11c02bf0d3e43bf00

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe594c90.TMP

MD5 b00c016840a748cc788456c6d2e3bb5d
SHA1 f9f20eac64991f7fbd3d6d20d079063bf438970f
SHA256 30184ff597e49df9bb6b82156d92701a6c501a79c8310dc73994097e65c540e1
SHA512 29848238227ddc7963d66861a108968f20cc0fd29dd7b92222452e730619f11453627e73e11f184d6a15da4cb8d9b9a3e0860298efd6506c7a3e4782966401af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 bbd196016e87732d2775e4c8040537dc
SHA1 f40992ebafc3487ded9c8df6a9213d8bd84a62d5
SHA256 a4311566bfd481ee3075f2a7b6f72f55489b38a00fa813ede2089c3a6f005b78
SHA512 7cbd04f4e90b2455d6e5002d377a5af08eb7635f911af54b486636cec07a618b860f3eb268f6d543cb1c77b70493285b7522440e1e9768fbde2a3ccea978d8f4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a6ee13a40e13867c43f03d8c57aa8d3a
SHA1 12c8419a32a0089a06d2d43720910890315a3f52
SHA256 c7e291b0b23d8586c6447d0f23234365fc20fd50f0d45bd4f5e6cda8a450a224
SHA512 672b5a17d7170238d51fd9bd12d2b9569d44a1a40550affb62a8563564499cd1658a08829c0ec3ff3683b7ca5d35fb3a3827a593399c483aae30360f76229513

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bedc4eb824bd49918f75d90335233244
SHA1 50ac0c6d74876d0a8a2f272bff8e8a44ee6462e5
SHA256 ef9951ddbfddd6f524ecf692dd9f8eb68918ecd0edefba1904d73e34c71db4a0
SHA512 ecdd3b494b935f5d2a5a30062422def09efc9f688f6f5bea1eec36eb1b92b8f9af409790d77b9013b1cdc10d0c88d17c7d876f2ded3b30fe51fd0857388e5491

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000021

MD5 628ba8d31375849e0943894669cd033c
SHA1 4fa6d50a37fa2dadec892474d3e713ef9de2d8a1
SHA256 80e3440c312f921afe33a7d4a3d11d1d2dc7162f8f50b748b796f424441d10d6
SHA512 d4406493dc8767c479460f3039b038866549feebf392280384da08adbcad2e871720d046220cb67ebe3ab75c14e06a31df2fa7c0f2c17f91eda26ba0a709d27f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000020

MD5 f31a1ab9f483d9db21349522e39dd16e
SHA1 01a275d7fc1c4f578fa506c8e0bf9b7787dd4806
SHA256 463800c9ec072ae72a4f6fdc1f2f779c792cb7ceb6f57c7d1231eabefad2bd9d
SHA512 cab9bf13c36b854bef939e1d09c8d896caf1d7c20f6948f70f27eaf2869e49c8b9be728b4c95926ba869a987516a79d3193d416b0582b7570a58269c8caa7603

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000022

MD5 669b1563b95fce26d9ddc3c7e9bdc538
SHA1 275e4ae2606a0da908003b77ea06b24ea8b66214
SHA256 d46765072d87d9892a0f6f8f9849eafe0abecee9d662e99f8b45d8c5b22ac667
SHA512 09e066f5a1974927b2cb607a8b953f2732928c7347f65cdfcdb573170840562de6eae091a61108827b3ae0799c16bfbd41d858ee1a8bc57d9bb1fac814438302

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000024

MD5 0f3de113dc536643a187f641efae47f4
SHA1 729e48891d13fb7581697f5fee8175f60519615e
SHA256 9bef33945e76bc0012cdbd9941eab34f9472aca8e0ddbbaea52658423dc579f8
SHA512 8332bf7bd97ec1ebfc8e7fcf75132ca3f6dfd820863f2559ab22ac867aa882921f2b208ab76a6deb2e6fa2907bb0244851023af6c9960a77d3ad4101b314797f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

MD5 0e52c094a93d5bcd8875cce575d7da9a
SHA1 de9ecbf399f77a497c96c1a4b3509153ad9751a2
SHA256 abafb66ae53e45e075a02ab40e19bc2dbb0126d83f4da5f1fbd3bed1a4b4fdce
SHA512 b2cbb5075eb1cf84b9b24c2a2f3165675496d506d5e98a8868c18514c5740c366b5a29a925dcf6f6cacdb8ce6e39eb8673b15ebb55c5e9078e0d7eff631905cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 65d10b8db3a197beb96acc6e046f1e48
SHA1 e828dc14994d82fe8470e95946a8edd37d09e511
SHA256 29c6b1c207958f7bbed46b0f2ca66f7c1582a506c64ed24ce7574a535177da0c
SHA512 0affb8c301edebf6536e97ac0e44a15f7dccc749d40f67319e86cdc3252cc2fda51257dcf18ee7f56b40246ea17ac85dc401d33df9956adc5260553671948829

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4f3a648a54b40e54bf3ffe7c5d8349f9
SHA1 31d4cdc71c91e7bf01852dea3327f74f89c43106
SHA256 6c734e2bb3de8b26ecbd23ac7e70a09e7670e6ac750687d5ba5f9c41ec3d4004
SHA512 bbe5d33fd081afb79bce92711c278697822ec0646cd51d817769383c90818ce043090b19184fed3b06b4564a16fb69c087bf6515f7604a4e6bc0b41c10a4eff5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 26fbab7b89f120caf31e35ebc00c7a81
SHA1 cc79045e71846d5d87a4c6b4fdf6dff3fcbbadba
SHA256 1d16051aae4ade8b61a9b96fdafdde8a3918452d01365c6406fd5b496cc3be46
SHA512 7bff04aaa7520466ad46302bd0fb2ef1d4337e248cb9a758db1cee4fb4b8c77e43953d7c58b5c44caf0b9a6c46521f24bccb0d583dc77d1320c3a145f6a32906

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 f0d8d7e954352c8221cd43acb8696da1
SHA1 adbbfc31275c323c03267dc7d2c45f0146213201
SHA256 2b561c9f8cba54a4a759124046781c4ecf2cdd2da40f85dbd2e84ac5d220ae2d
SHA512 c50e926444c839f09e0e782f2dbc47dc3dc9e8d01832a656d10712133e303fdce8b4bf2b274120d3e680a4b996a56ea20288bda68bcbaa6913e4ead45a39f2dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

MD5 18afd1da750d6447a8954b3e2e0c446e
SHA1 f8c8a7cbf81af5c9de298e031dfd69c1ec836f81
SHA256 446938498d26217dd63160bcd02aa1ee15e7fa76b8f0902b459ec6db609d1cc7
SHA512 a033fcfacf5f9f74ce8a02ffb6adc4766fbfe1d25f86ee4afc54c5f3ca1ea9655d65f6c29c67e7a86ef28edca1e8b2fcaa362730e8a6bedbdd8a16b52142dfb8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

MD5 4bc7fdb1eed64d29f27a427feea007b5
SHA1 62b5f0e1731484517796e3d512c5529d0af2666b
SHA256 05282cd78e71a5d9d14cc9676e20900a1d802016b721a48febec7b64e63775f6
SHA512 9900aecac98f2ca3d642a153dd5a53131b23ceec71dd9d3c59e83db24796a0db854f49629449a5c9fe4b7ca3afcdd294086f6b1ba724955551b622bc50e3ba1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

MD5 f817e737bd803df8a4f12c1937ab0d51
SHA1 24e172cdf9d4b77b0cb4c271aed4a7c9eba98fc9
SHA256 17b0202476b336c41e4108aa245ac863c3e19ef8c5e430fe112a0900f0a18802
SHA512 d417d62e0fdcdfa883d4ffb317546e7ac5258aac538cbfad4eb111b134839750a65c55b5230507ff6912ffd272c0eb6317bcdd95c38cfb81c63b8e85b1359346

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000027

MD5 7fb1f32a308a59e167e201dc4c1160ec
SHA1 8f52c9884726d22f48751040d9d622213840d605
SHA256 c38018600386a5b57c7a90afaf3dadad705c210ee49b58854133b0614da81226
SHA512 b9d96a8518c6e5a61166e4077f084da92664e356515c29c7cc064525714d3035074e4031ea9b1ad929b62be6616eace309c8a8302b9fc3990ec0d21af0e9615d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9b0ca0bd284804d295dcc797c40c1cb1
SHA1 53adacbfcbc43a6860736f73944ac39f2b2d4b48
SHA256 0dcbb580abc9cb5f1a36b8594d901ece117ad1c07ab2b3920ac436d99df91e17
SHA512 4f092fa12416c1d1b89153835ce57bba5efeaf2fd045cf5d82e73d95dc91746ede70544f91a8b894d6deee190b417ba6d5ebc1abcc49d8c6bcee3425d1b97c48

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\08cd4f688689d170_0

MD5 173baa802658c42f991e07d2765c32fe
SHA1 87e7846630ed3d5da42b4d73a0c773cd46d5c9b3
SHA256 2e44b597f3b84a34f42d2adec308ed6e9677c006ec4fc307e5ea72333e745753
SHA512 2e01d2d23720e2d6bb8d682fff496ca00889630807c6cf6c988aabd21c94f4e1f547dd4756f542d6b72c2ca25c5d102758e657469ea80f9ddc9a5401cdbbaea9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e9bf643e30184d46_0

MD5 fca1c4029afe1af2f99048d8289649f1
SHA1 0191c2102cac88224560ef98846f6dfa709be12e
SHA256 3c31e41739d1f7bac5f369f1195291a42bb65accf59947ef055a89023adb3476
SHA512 588f019dfc706c124249ebe2f7ed62e99652203e2f72c315ee32510b64149861222fb098e62bda1d40c24aab4c2d08765fd08b11c47847ace3429d1a7d4ff8dc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fc4a4ed98af7ee65_0

MD5 573168c0115026c9138e5e32bb97566f
SHA1 66aa0d593cc065d1ea611a54bcf6f03003d2d664
SHA256 bd3dc7d00deb59348162bb14942a758f533a4b2ac9c45fadd85460d04053c152
SHA512 b84fe2cc2593ef2b7f41252af37586087a183804130e0b2967b96e5279f9c1ee8acb6ba52f3d9e23bd5ba9e4a03f503f7b0da0fcbe19ce04afe8fa2e3f53c70b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3edbda3bfef82063_0

MD5 4c5eec3a21ed01e0f811ea4c4e0d9a8f
SHA1 fe43db7bf56933c6121f5662ba1d752c743ec8f7
SHA256 72ffc31ea6a03c73d84a1b38360f36f3a3f47f34a04fe3809da03b10b71fe2cb
SHA512 01557921f34b93dc22a798a9ff07c6ffb372667cf0bad9077fa862bfc8f4e19c3dc21f36ee69b178aeb975270ab8dec81e0311e55fedc76496f0a66ba256b76f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\746c75bfd512d549_0

MD5 057dd7cbf73a47ca1baade74c9d13a32
SHA1 f6639d465149baa4224474d614645584f856f469
SHA256 0c718c2e7cc5a1c0c5c32e6dd816de126cd88d28a75caf92838d34125f032ac6
SHA512 0a632f40cf1dd19a0982a228afe29e94f40dfe1a69234e9f9e4558662bae93a383f244faa1cfcefb8ea0e7c9eb97a233a43be8d2821f465a5f25fcf599f391a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bfb894b35507e8e5_0

MD5 868c436b11045e625434234b96487b8b
SHA1 5b58e12d7bc6ef4a3d33c91b9c2bac5ca9d2336a
SHA256 6ae6802c15fea0b240907dc1cf635fbf09134d9c4b385166709ceac85ded4132
SHA512 9ce422bd17a67c658870c70342289b310b5ba3ba2cc6f36e2d82ccb98962ea063c51dd59e0d2eb07a11b001fd4526aa62c5d9a9d9be3a35cb64c1f150f6683c6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\726cefc096415047_0

MD5 66b2ad9f68bfc9c578dc5fcbd167d243
SHA1 aaa9dc7188c534484a71c196471e6971f5203634
SHA256 7ef0c2773998c75d46bae4b51da065b23033b00ad8b27fc5a538eda514a1b59c
SHA512 99a755cedbe38989893d7c256a3329c0c05ba27bc11fd19cc0a977f18629f7fb4152877ef440a11489940d4f9bdaaa057ce114a186b077e677dd8bcc2148af45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9eef8b1beb817a84_0

MD5 79c5495060c925c5e5eca9be95010296
SHA1 a9241955e07bb96a5e3609f50f6f83ed3796b453
SHA256 929b9e1f6a754b1e17c577558b9a3970cb54955a8a625924c1dc810414ea832f
SHA512 7e9f48200cb3c316e1627b71d905b8d24992827cfa791c355eb133b42d4c448fd9b99e3934708f34ef86f7ac733b6d812621a01d069c5d45b08eea9cd9523ebd

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a58397873cfc208_0

MD5 a13c9f9048364ea7a89cf7612410502e
SHA1 c824c78193e480ed25979d7e3703200accf7d711
SHA256 1549d1de03748728bdc1928faec187b4a4537d423cb50b650a2bb5cd9f8ed0ca
SHA512 495f0a95a5b45b47f1eb95449aff4d40840ace45900d7037b7b041456a5d44aa10cafa544277008f5e8ebb151357a29cf6b57747d684899bba0935c8d3f731b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\70dc6ffb39f6a9a5_0

MD5 adfd2c1065428f32f3cf0214dc0f9c84
SHA1 2d05beec9021052680b476e11f337be55f6f8483
SHA256 8e375307828d0b505566afe5113ad6c813537c3d8bef1cdf1d9bb6db19c96255
SHA512 9228c7a3e54e769ef9682e768d7682cdbc5c89b2bf233f2ba5e3f7816dd6eff0acbf6325a4015b045f0d99337b36778ed457aa1fdec66a1738e4ee33d22d178b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\54d038a883eb59dd_0

MD5 1ba7d8dcfde494a79941b09726eacc7a
SHA1 fae721a17d942ae5e040c5c2939515ce9117f2bd
SHA256 fe2248c4f985a7b98f51f28e8779ea5dc2eebb1d3faf7935dbcdfd9a5a48e529
SHA512 e0c111eee6ed997ff52ce4d22d30e1e91b553343f4befa8a484200a3b205f9260c01e508c14641faaf2633e6984a109462844858581c7500d5485e452a72dd9a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 7ff1d0a061446b280b5f969e45b707a1
SHA1 b4ccf4586627477469661ffbdb2e04eae7d9eaac
SHA256 92bda8668648601f6645717247366e1c761c69cb67d79c691462cb3f0dbb7730
SHA512 dfc179a51a2cee23c490d0d071e001b42806b8223229ae9ebc36221a53ab36bd5fa6b3a4d974d0675f9122c8db8714d334db768b8c1bd629b613537622b61ad8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 815a00773c4eac57c633fbc8513b83a6
SHA1 a49aa63739e751d1bde86f07fb20b2cb662cf744
SHA256 7405a482814bfbd0df7de841df86b90bfc1c4734fd9f34e56b4b131d97871b08
SHA512 ed891882a1bf0e575a4a4d03a25fcbb847080b8db708d43373942524c51ec96db5410cc2252f8134c33f352042b8064daae78f7da0cee96c5dd256f6060af161

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3ef2bd7ef42d4c1d685ada244c4f6b67
SHA1 6113447f57e1396e8827c618510b65d284ff8277
SHA256 53ccc722ea840fe80578832b005d489507eda1a86ac37f044ac80d9d05ce71ba
SHA512 c87daebf18f2f07b473e98c75727b0612cec71ca7814fed92a51dbf9b4c4cd717dbfbf8f7d8b99b14aa743b5439eb6df8c82da7c29350e3cf9d4438c13217e39

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 f1068d80c73ab265718372313cfbeec6
SHA1 79bc4bd04b8a5f7724ffdee53dbe760d2e2d4172
SHA256 7d9da2779e0e33d2184f851765a7c1ee8f69514cb929a1b9363dbe24828e02b6
SHA512 11d74031aeb64fa307fef28781f26f4e3e2196ec894a3b60c901969ed1ae1f1667a24059430796853fa4474b0e985a62ccacfc5da4b5e439edec757e0bb00282

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5512d92ba910018d889394005e844647
SHA1 e3b2224761fdfe62745be5ad7fdf051e736c771a
SHA256 a97e7f7f108e3a93c860f876ac50c64fb46915320b388bed199547b5082b2f4d
SHA512 2d4d0b9fd95968e01e7838c3367fac21ef6972a9a7462448d16128894db9f12ad00d7751d64b27a23fa1e8517b3d5d138cc62c46818700f8a739dcc7189ca381

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 1744c6b61d4c7ab3054ec9b00af0f421
SHA1 cf233eca0f1bdd1227e8eae6964491b7859e7c89
SHA256 26aa9f89f613cc56b0144b06cc2efc26c02e510f585fd5d440343d7aa19d8f44
SHA512 b2ec0b3673dfd93f0892f8af1806423c5a9036d3dab5219db305112798dabbb2aeb7bd72a4da068af53e9003666bc4a5236f7d17f8678df9521464ef0aa80291

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b5d70a377c181a45189eaaeb5757b6a2
SHA1 6ce90a0d27b2606df57f78525147aa58664973ea
SHA256 615efa1c637703ea4c3441212cd5d349d1607ea83258fb43872eab8498002555
SHA512 c04069d3b7ac393aa1c200e16ff1c9ec4aa43e5af88ca4d35316ae84bb3b33b0de117c1d2c2d5cc1b08bfd16b8eab4fcac178071eb6f88682ea96e2c47a56a87

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ed51c3825aafc22d76bfcb006f3a99e1
SHA1 cc3e72b7fa54fd637c72b47102612f88835d8e7c
SHA256 d913d6b28b20ae6ae0bdb56a0cb1934c8662db428803c9eefb6ed6431c08caef
SHA512 4ace61e37de2486949882dd81f7a547bfd0df6bff0d98234be9959673c365988865aeff9498855107c9dd598ab4fad6806dfbbe86281b8b2463fdeff40ed3958

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b7f0381f4b5bd05e1fb2f5245087b887
SHA1 4b59d08312866aad41a38c3d7f6c60eff62f4ec7
SHA256 b8bd231f77324aab4e18e7bd6903747202657f781682b1b1d871d93fa88e6765
SHA512 1796dc39e786b8bb5d7b14515ed005616a4a4a1a46e62424908beae1613383e72f041b25a9d496f4db395ceaeb2bb04585de35275dc695de620ea52941f4a493

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

MD5 2280e0e4c8efa0f5fc1c10980425f5cf
SHA1 1d78ccb26fef7f1bf5bf29de100811e1ac8bda23
SHA256 b9225cb1f0df94ebe87b9eb2ad8c63cf664d2dfdb47aeaff785de6c7ce01aa74
SHA512 b759fcbf578947c0290ab703652df9f37abb1f9f5cf6140acaa8c4d4ee655ee0ee1f9bee9d4fd210d9e12585a51358b52e0e9c0878abf2713e6fd69a496ac624

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 96f84f5e3a5c0fa7984fd576831a8ca6
SHA1 ccca953627f91e3bc297cf909bbb938da3a44702
SHA256 ebe5b40a4d9f95aac4dc7ceb665ab9755c28be08329103c6e7629996922cd38c
SHA512 c6161247d4ced7a4d212791899f0614711bae2afbdc8ebd283c2385b1fff3e5fa5b25d900b93689c3a7a28f8a28924b2ce2f352c98eb5c26693dbef203ec7578

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4c72fa40eb6f02d862674aa8907d7068
SHA1 4b1c1e591440ddaeb556c27a98cb37884c7aec26
SHA256 5fadc15eee287bf7678a0e5e1d25aee7fb7a2e13217e96969ca19bba140b3ed5
SHA512 8c292fa707e3199bb45aecab0e3bbbf610f52bdba0b5c79ca35f105e3e5eac59eef8ec1d1960403c5af6ac0cf013424bfa621677e127abda7854015b956e0adb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b4782f2e16e492eb04291405ff718b53
SHA1 e0bf7f0bd63eafa2ed6ec134e0f38cbd9dc344d9
SHA256 427eaeddafeeff1e6eb8a922eb9eb25b8fb250c4b939bd52aa9a81f774f0d5c4
SHA512 e7f37cb3cddf56060ea230831a5d4b4c2837c7794064c0125b4c3b3ab097ec85bec77b7603cf3182973901c1c8803ff3283cdca0bdf12d2ca61fd7367cc22d7b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cd575fec20de5bac_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b5c0b0d2ff0cad95_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\Downloads\word.bat

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2DEABE36-383C-11EF-B9F7-5262F08EE73F}.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2C5B434B-383C-11EF-B9F7-5262F08EE73F}.dat

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Microsoft\Internet Explorer\Recovery\High\Active\RecoveryStore.{2C5B434B-383C-11EF-B9F7-5262F08EE73F}.dat
