Analysis Overview
SHA256
8c56dd074eb31203e0a968ba4a82fd189a6401f33b88382aefab64714987a4b4
Threat Level: Known bad
The file 55club.in_12.txt was found to be: Known bad.
Malicious Activity Summary
Stealerium
Executes dropped EXE
Reads user/profile data of web browsers
Legitimate hosting services abused for malware hosting/C2
Looks up external IP address via web service
Accesses Microsoft Outlook profiles
Event Triggered Execution: Netsh Helper DLL
Suspicious use of SendNotifyMessage
outlook_win_path
Suspicious behavior: GetForegroundWindowSpam
outlook_office_path
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of FindShellTrayWindow
Checks processor information in registry
Enumerates system info in registry
Modifies data under HKEY_USERS
Modifies registry class
Opens file in notepad (likely ransom note)
Suspicious use of SetWindowsHookEx
Suspicious use of AdjustPrivilegeToken
Suspicious use of WriteProcessMemory
MITRE ATT&CK Matrix V13
Analysis: static1
Detonation Overview
Reported
2024-07-03 09:35
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-07-03 09:35
Reported
2024-07-03 10:05
Platform
win10v2004-20240611-en
Max time kernel
1798s
Max time network
1172s
Command Line
Signatures
Stealerium
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\build.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\build.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\build.exe | N/A |
| N/A | N/A | C:\Users\Admin\Downloads\build.exe | N/A |
Reads user/profile data of web browsers
Accesses Microsoft Outlook profiles
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Software\Microsoft\Office\15.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\build.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\build.exe | N/A |
| Key opened | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\build.exe | N/A |
Legitimate hosting services abused for malware hosting/C2
| Description | Indicator | Process | Target |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
| N/A | discord.com | N/A | N/A |
Looks up external IP address via web service
| Description | Indicator | Process | Target |
| N/A | icanhazip.com | N/A | N/A |
Event Triggered Execution: Netsh Helper DLL
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key queried | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
| Key value enumerated | \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\NetSh | C:\Windows\SysWOW64\netsh.exe | N/A |
Checks processor information in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\Description\System\CentralProcessor\0 | C:\Users\Admin\Downloads\build.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\Identifier | C:\Users\Admin\Downloads\build.exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133644730819085085" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Set value (str) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell\KnownFolderDerivedFolderType = "{885A186E-A440-4ADA-812B-DB871B942259}" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 = 19002f433a5c000000000000000000000000000000000000000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\MRUListEx = 00000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\MRUListEx = ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\MRUListEx = 00000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots = 02 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1\Shell | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags\1 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0 = 5000310000000000cb58d19e100041646d696e003c0009000400efbecb58c394e358784c2e0000006ae1010000000100000000000000000000000000000007068500410064006d0069006e00000014000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0 = 14001f50e04fd020ea3a6910a2d808002b30309d0000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0\NodeSlot = "1" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0 = 7800310000000000cb58c3941100557365727300640009000400efbe874f7748e358784c2e000000c70500000000010000000000000000003a000000000014937a0055007300650072007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100380031003300000014000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\0\0 = 8400310000000000e358cf4c1300444f574e4c4f7e3100006c0009000400efbecb58c394e358d04c2e00000072e1010000000100000000000000000042000000000069c75a0044006f0077006e006c006f00610064007300000040007300680065006c006c00330032002e0064006c006c002c002d0032003100370039003800000018000000 | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = 00000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\0\0\MRUListEx = 00000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\Bags | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\0\MRUListEx = 00000000ffffffff | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Opens file in notepad (likely ransom note)
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\system32\NOTEPAD.EXE | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: GetForegroundWindowSpam
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\build.exe | N/A |
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\build.exe | N/A |
Suspicious use of WriteProcessMemory
outlook_office_path
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Software\Microsoft\Office\16.0\Outlook\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\build.exe | N/A |
outlook_win_path
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\USER\S-1-5-21-2447855248-390457009-3660902674-1000\Software\Microsoft\Windows NT\CurrentVersion\Windows Messaging Subsystem\Profiles\Outlook\9375CFF0413111d3B88A00104B2A6676 | C:\Users\Admin\Downloads\build.exe | N/A |
Processes
C:\Windows\system32\NOTEPAD.EXE
C:\Windows\system32\NOTEPAD.EXE C:\Users\Admin\AppData\Local\Temp\55club.in_12.txt
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff85540ab58,0x7ff85540ab68,0x7ff85540ab78
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1740 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2208 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2272 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3100 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3108 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4444 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4584 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4592 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4264 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4632 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4764 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=4784 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=4732 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=3660 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x39c 0x344
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4552 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=4808 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5460 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5296 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5340 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5352 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Users\Admin\Downloads\build.exe
"C:\Users\Admin\Downloads\build.exe"
C:\Windows\SysWOW64\cmd.exe
"cmd.exe" /C chcp 65001 && netsh wlan show profile | findstr All
C:\Windows\SysWOW64\chcp.com
chcp 65001
C:\Windows\SysWOW64\netsh.exe
netsh wlan show profile
C:\Windows\SysWOW64\findstr.exe
findstr All
C:\Windows\system32\msiexec.exe
C:\Windows\system32\msiexec.exe /V
C:\Windows\SysWOW64\cmd.exe
"cmd.exe" /C chcp 65001 && netsh wlan show networks mode=bssid
C:\Windows\SysWOW64\chcp.com
chcp 65001
C:\Windows\SysWOW64\netsh.exe
netsh wlan show networks mode=bssid
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=2364 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Users\Admin\Downloads\build.exe
"C:\Users\Admin\Downloads\build.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5836 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding
C:\Users\Admin\Downloads\build.exe
"C:\Users\Admin\Downloads\build.exe"
C:\Users\Admin\Downloads\build.exe
"C:\Users\Admin\Downloads\build.exe"
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=1848 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=5276 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5976 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6120 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=4668 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=4800 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=2352 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=6012 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=6188 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5744 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5904 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:2
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=5852 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=6292 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:1
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=5316 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=1680 --field-trial-handle=1972,i,3947972125235276540,4392673102341338254,131072 /prefetch:8
Network
| Country | Destination | Domain | Proto |
| US | 8.8.8.8:53 | g.bing.com | udp |
| US | 13.107.21.237:443 | g.bing.com | tcp |
| BE | 2.17.107.131:443 | www.bing.com | tcp |
| US | 8.8.8.8:53 | 228.249.119.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 237.21.107.13.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 73.31.126.40.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 99.58.20.217.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 131.107.17.2.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 55.36.223.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 241.150.49.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 183.59.114.20.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 15.164.165.52.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 140.71.91.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 240.221.184.93.in-addr.arpa | udp |
| US | 8.8.8.8:53 | tse1.mm.bing.net | udp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 150.171.27.10:443 | tse1.mm.bing.net | tcp |
| US | 8.8.8.8:53 | 10.27.171.150.in-addr.arpa | udp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| US | 8.8.8.8:53 | 106.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 3.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 196.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | apis.google.com | udp |
| GB | 142.250.200.14:443 | apis.google.com | udp |
| US | 8.8.8.8:53 | 195.212.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | play.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 46.169.217.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | clients2.google.com | udp |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 142.250.187.206:443 | clients2.google.com | udp |
| GB | 142.250.187.206:443 | clients2.google.com | tcp |
| US | 8.8.8.8:53 | 206.187.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | shorturl.at | udp |
| US | 172.67.69.88:443 | shorturl.at | tcp |
| US | 172.67.69.88:443 | shorturl.at | tcp |
| US | 8.8.8.8:53 | www.shorturl.at | udp |
| US | 8.8.8.8:53 | 88.69.67.172.in-addr.arpa | udp |
| US | 8.8.8.8:53 | mega.nz | udp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| US | 8.8.8.8:53 | content-autofill.googleapis.com | udp |
| US | 8.8.8.8:53 | eu.static.mega.co.nz | udp |
| LU | 31.216.145.5:443 | mega.nz | tcp |
| GB | 216.58.213.10:443 | content-autofill.googleapis.com | tcp |
| LU | 66.203.124.37:443 | eu.static.mega.co.nz | tcp |
| LU | 66.203.124.37:443 | eu.static.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 5.145.216.31.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 37.124.203.66.in-addr.arpa | udp |
| US | 8.8.8.8:53 | g.api.mega.co.nz | udp |
| LU | 66.203.125.11:443 | g.api.mega.co.nz | tcp |
| LU | 66.203.125.11:443 | g.api.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 11.125.203.66.in-addr.arpa | udp |
| LU | 66.203.124.37:443 | eu.static.mega.co.nz | tcp |
| N/A | 127.0.0.1:6341 | tcp | |
| N/A | 127.0.0.1:6341 | tcp | |
| US | 8.8.8.8:53 | gfs214n173.userstorage.mega.co.nz | udp |
| ES | 185.206.27.83:443 | gfs214n173.userstorage.mega.co.nz | tcp |
| ES | 185.206.27.83:443 | gfs214n173.userstorage.mega.co.nz | tcp |
| ES | 185.206.27.83:443 | gfs214n173.userstorage.mega.co.nz | tcp |
| ES | 185.206.27.83:443 | gfs214n173.userstorage.mega.co.nz | tcp |
| US | 8.8.8.8:53 | 83.27.206.185.in-addr.arpa | udp |
| US | 8.8.8.8:53 | discord.com | udp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 8.8.8.8:53 | 233.128.159.162.in-addr.arpa | udp |
| US | 8.8.8.8:53 | icanhazip.com | udp |
| US | 104.16.185.241:80 | icanhazip.com | tcp |
| US | 8.8.8.8:53 | 241.185.16.104.in-addr.arpa | udp |
| US | 8.8.8.8:53 | evcs-ocsp.ws.symantec.com | udp |
| DE | 152.199.19.74:80 | evcs-ocsp.ws.symantec.com | tcp |
| US | 8.8.8.8:53 | 74.19.199.152.in-addr.arpa | udp |
| US | 104.16.185.241:80 | icanhazip.com | tcp |
| US | 8.8.8.8:53 | api.gofile.io | udp |
| FR | 151.80.29.83:443 | api.gofile.io | tcp |
| US | 8.8.8.8:53 | store9.gofile.io | udp |
| US | 206.168.190.239:443 | store9.gofile.io | tcp |
| US | 8.8.8.8:53 | 83.29.80.151.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 239.190.168.206.in-addr.arpa | udp |
| US | 104.16.185.241:80 | icanhazip.com | tcp |
| US | 162.159.128.233:443 | discord.com | tcp |
| US | 8.8.8.8:53 | www.google.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.169.46:443 | play.google.com | udp |
| US | 8.8.8.8:53 | 99.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 98.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | i.ytimg.com | udp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| GB | 172.217.16.246:443 | i.ytimg.com | tcp |
| US | 8.8.8.8:53 | www.youtube.com | udp |
| GB | 216.58.201.110:443 | www.youtube.com | tcp |
| US | 8.8.8.8:53 | 246.16.217.172.in-addr.arpa | udp |
| GB | 172.217.16.246:443 | i.ytimg.com | udp |
| US | 8.8.8.8:53 | www.virustotal.com | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | static.doubleclick.net | udp |
| US | 8.8.8.8:53 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | tcp |
| GB | 216.58.213.6:443 | static.doubleclick.net | tcp |
| GB | 142.250.180.10:443 | jnn-pa.googleapis.com | udp |
| GB | 216.58.213.2:443 | googleads.g.doubleclick.net | udp |
| US | 8.8.8.8:53 | www.recaptcha.net | udp |
| GB | 142.250.180.3:443 | www.recaptcha.net | tcp |
| US | 8.8.8.8:53 | 110.201.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 46.34.125.74.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 2.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 6.213.58.216.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 10.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | recaptcha.net | udp |
| GB | 142.250.200.35:443 | recaptcha.net | tcp |
| GB | 142.250.200.35:443 | recaptcha.net | udp |
| US | 8.8.8.8:53 | 3.180.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 35.200.250.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 14.213.58.216.in-addr.arpa | udp |
| US | 74.125.34.46:443 | www.virustotal.com | tcp |
| US | 8.8.8.8:53 | 202.187.250.142.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 67.169.217.172.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 8.8.8.8:53 | e2c53.gcp.gvt2.com | udp |
| US | 35.217.93.191:443 | e2c53.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 191.93.217.35.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons.gvt2.com | udp |
| US | 142.250.69.3:443 | beacons.gvt2.com | tcp |
| US | 8.8.8.8:53 | e2c22.gcp.gvt2.com | udp |
| BR | 34.95.145.254:443 | e2c22.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 3.69.250.142.in-addr.arpa | udp |
| BR | 34.95.145.254:443 | e2c22.gcp.gvt2.com | tcp |
| US | 8.8.8.8:53 | 254.145.95.34.in-addr.arpa | udp |
| US | 8.8.8.8:53 | beacons2.gvt2.com | udp |
| US | 142.251.177.94:443 | beacons2.gvt2.com | tcp |
| US | 8.8.8.8:53 | 94.177.251.142.in-addr.arpa | udp |
| US | 8.8.8.8:53 | 90.16.208.104.in-addr.arpa | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| US | 142.251.177.94:443 | beacons2.gvt2.com | udp |
| GB | 172.217.169.67:443 | beacons.gcp.gvt2.com | udp |
| GB | 142.250.187.196:443 | www.google.com | udp |
| GB | 172.217.169.46:443 | www.youtube.com | udp |
Files
\??\pipe\crashpad_2324_CDDBLYSCVNTJVRNK
| MD5 | d41d8cd98f00b204e9800998ecf8427e |
| SHA1 | da39a3ee5e6b4b0d3255bfef95601890afd80709 |
| SHA256 | e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 |
| SHA512 | cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports
| MD5 | d751713988987e9331980363e24189ce |
| SHA1 | 97d170e1550eee4afc0af065b78cda302a97674c |
| SHA256 | 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945 |
| SHA512 | b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | bf04d62ec796745b17de6f8f01bd5724 |
| SHA1 | b6ab740950a982c16814110e65ef3c3b6bbb9124 |
| SHA256 | 0e667abc8ecbaecda623becf8f00a1c6cbdcbc00764f8a5afccba81120529a4f |
| SHA512 | 39ceb264db02237dee60f849f1c5788b7f0408c13b30e03fc30611245e413862ca55f9aa129a1c6b0a447a8a67de4259cc502ecd82277bd4c68ddfe4fe648342 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7882dd8120b7eb85467337323df5271d |
| SHA1 | 59affa244859d101839d6323be7f510145a97706 |
| SHA256 | 776dc547ff5dccd6f05dc6d068d59b79800ace430661a990a85e723ab529107c |
| SHA512 | 3ab700392da4e3832f07b949ff3c47a21d6b000e0fe96372f684c8fa5deaa760a10a8aa5a67ab6b618f406e6b7948804e358b1f5d12b7589b6bc24e058b27bb4 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 4f34252cd5148fad447eed3d6df9dae8 |
| SHA1 | 2ca1833ddab8f3c8ac927c22c2e481a165c73837 |
| SHA256 | 7807971ea42e42f177725d9f0659fbcd924d751ad3afe999fee8b0489897802c |
| SHA512 | 7a4e719f4953559fd232ab97b88c1b0ac0067b77af849948c8235e078c54f4838f7099334e020ea569cefff1dd53675481d629a13b51c4a6e3bd1a246a5d0fcb |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences
| MD5 | d3adc3ab2bea685e2d6c8d9e01dcc2c1 |
| SHA1 | 50adf51093efecfb0a56668b74b905c7da9e444b |
| SHA256 | 65e2f7110f50ddb947aa98bc0240ca6c8609041eed765de0e07c5a507850669c |
| SHA512 | cab43a3e675ad1002646daeab47d5061f7d173d70df95906e605ea916214c7fe1cb05fe082a664b1da3b41b43de181be5c926e82001dcac4ff7ee52669413e71 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_mega.nz_0.indexeddb.leveldb\CURRENT
| MD5 | 46295cac801e5d4857d09837238a6394 |
| SHA1 | 44e0fa1b517dbf802b18faf0785eeea6ac51594b |
| SHA256 | 0f1bad70c7bd1e0a69562853ec529355462fcd0423263a3d39d6d0d70b780443 |
| SHA512 | 8969402593f927350e2ceb4b5bc2a277f3754697c1961e3d6237da322257fbab42909e1a742e22223447f3a4805f8d8ef525432a7c3515a549e984d3eff72b23 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\File System\000\p\Paths\MANIFEST-000001
| MD5 | 5af87dfd673ba2115e2fcf5cfdb727ab |
| SHA1 | d5b5bbf396dc291274584ef71f444f420b6056f1 |
| SHA256 | f9d31b278e215eb0d0e9cd709edfa037e828f36214ab7906f612160fead4b2b4 |
| SHA512 | de34583a7dbafe4dd0dc0601e8f6906b9bc6a00c56c9323561204f77abbc0dc9007c480ffe4092ff2f194d54616caf50aecbd4a1e9583cae0c76ad6dd7c2375b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b
| MD5 | 950eca48e414acbe2c3b5d046dcb8521 |
| SHA1 | 1731f264e979f18cdf08c405c7b7d32789a6fb59 |
| SHA256 | c0bbe530abfce19e06697bc4358eb426e076ccdb9113e22df4a6f32085da67a2 |
| SHA512 | 27e55525ade4d099a6881011f6e2e0d5d3a9ca7181f4f014dc231d40b3b1907d0d437b0c44d336c25dd7b73209cd773b8563675ac260c43c7752e2d2d694d4d9 |
C:\Users\Admin\Downloads\build.exe
| MD5 | 5eec5f0bf6ad3ffb8291b1b0f4149905 |
| SHA1 | 9e9ca2443e0fdde861b47f01d1f09357803b333a |
| SHA256 | 06b604974ee2ae611b9cfbfbd04e923e3f0933e4d69cad366ea2c6e3f720282e |
| SHA512 | c91ec95540614035c3f580de257fccdb7f054812d5ccd56d8e5ca537d5ea383d1585ffe9b07fde39941498b4841d7917241d97e83840787c0f2bb83a7055eaf9 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7e5047e39386989a0675e929e04a9acb |
| SHA1 | 827ef93b08914f0a57a1766dd719e628172b0170 |
| SHA256 | 2711e5a127661ca6f78791e4009e8ad7142ea21537c4ed9b6e96198f3477fa08 |
| SHA512 | c328bbf4783b2caf46c8cc63d653087f9d80c30c237f5c9604e38b64576634e1c66a7a673310f7e6db1029659f0e9b8fc84df918a6a507d3d9d1dbcd6d89774b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 4415ee3e7580b1167e24159282eb9c13 |
| SHA1 | bd203fd76ca5a779f55d412a18a6db92556374af |
| SHA256 | 35b30dcc2d58512c18bc5ae2a151051206d4d889c751b223fd6e4ac48c3895fd |
| SHA512 | ea98722372fcf4bdd338a6e4ec3331535495f49fe6e580ec76d055e210220fbff3efc160108370a1d9bcc41c0cbdca98200165a4552bd26c15016e21c0981286 |
memory/3852-259-0x000000007501E000-0x000000007501F000-memory.dmp
memory/3852-260-0x0000000000B70000-0x0000000000D04000-memory.dmp
memory/3852-261-0x00000000056E0000-0x0000000005746000-memory.dmp
memory/3852-267-0x0000000005C20000-0x0000000005CB2000-memory.dmp
memory/3852-268-0x0000000005CB0000-0x0000000005CD6000-memory.dmp
memory/3852-269-0x0000000005CE0000-0x0000000005CE8000-memory.dmp
memory/3852-270-0x0000000006C00000-0x0000000006C0A000-memory.dmp
memory/3852-271-0x0000000006C10000-0x0000000006C18000-memory.dmp
memory/3852-272-0x0000000006C30000-0x0000000006C4E000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | 84d04a4a6da58a00104937604f0af418 |
| SHA1 | 6b918631c51e1d1041534771135c685bbf620c0c |
| SHA256 | 614ac248ad294baed6be7157b171ddc9a4cd1e8645edc3ffcfa7b6cfb9d5d8ee |
| SHA512 | 69504ca5a3b2f49edb2d2161737008c5d7da19a7262a26295858af8c9593b85e42cbb3883901263b2402083966f915f33666b116e695f0b0dda30dd3b841da2d |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\Browsers\Firefox\Bookmarks.txt
| MD5 | 2e9d094dda5cdc3ce6519f75943a4ff4 |
| SHA1 | 5d989b4ac8b699781681fe75ed9ef98191a5096c |
| SHA256 | c84c98bbf5e0ef9c8d0708b5d60c5bb656b7d6be5135d7f7a8d25557e08cf142 |
| SHA512 | d1f7eed00959e902bdb2125b91721460d3ff99f3bdfc1f2a343d4f58e8d4e5e5a06c0c6cdc0379211c94510f7c00d7a8b34fa7d0ca0c3d54cbbe878f1e9812b7 |
memory/3852-335-0x0000000007510000-0x00000000075A2000-memory.dmp
memory/3852-339-0x0000000007C60000-0x0000000008204000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 31278e7e446bba42f0951d970ec9693d |
| SHA1 | cdd0a49ddc54299627cd80e47b1e926aee3cfb04 |
| SHA256 | 8f1edcccdef782dde4a880e1f8a18e4f8e4f4d6962a57fef2ce3260aa0ba4134 |
| SHA512 | 4aa6d73a2846b67ad984b2b4bc6cc7307464932ffa7308dbf974aa5cf6f9978e713a39eaed936fb629b36d0d34fe1a4bb149b228a173d06440c9af399bbb8796 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe59e313.TMP
| MD5 | 8ed52e202a3e82a91de6e2af0f551622 |
| SHA1 | fceb549234143fd861aa7297e4b54f1ce47084a8 |
| SHA256 | 2519734a0413c3b6bdad740ba4917d36e221579598f4ce25c0e35fdda0ed3f37 |
| SHA512 | 684270da2b0ed2cf7e7179cc70ccd844a95a3ab1159569eff3e210ede91f169ccef9dc4f5ec7544bcd03f3880ff2085981f47450f96682e140b756d4bb890dca |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | cb6a966bdef022bfdaafcfec9dfb6d81 |
| SHA1 | 60d0d2160e5083da59f74a42d6f6cc96c7e95c0a |
| SHA256 | 6acf96cea37aa02088598bed43faa5b916c1d3ef74ccacd293a4a1c74d2514c1 |
| SHA512 | f9e8b8594e1bb466d85dd05e5dc29967ca4be497c9ba306b3c3d256bcfb0f1b40ea54372c1e6d5cc419a0deabff9731a7e070ad6f795c885eba7f6fd345904a9 |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\System\Process.txt
| MD5 | d4d3fbeaf987bb5ea7b356ef7e5308a3 |
| SHA1 | 3c8cbb505bc0c6ef2b139efb99eab357392329b2 |
| SHA256 | 8533065f28cc373715c44a7f70e584bf1abee68ccdedf1e7d2146a5d0fdb28b2 |
| SHA512 | 906d615f0d077d2862d35ebebc6d97040ae6031d58c9ba5747fa1d29e05789c2a51a49e3c638b9451d73e37d1b472e243b4d2876794542508ebb8c637100fc9c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | 14f1d52172761e0768883b32e949850f |
| SHA1 | bca3438a2503f3281c0e492a42c572b0be4d3212 |
| SHA256 | 61b63fc6adf69ddce03d8f35ae53a40f8d00eaf5396229967a4d0d22c9273c1b |
| SHA512 | f1d11cc7f230c41794cb7e290a051b16872d35c2b0fed6dfccf931ae54cdac19507778733d2c0168571b16049936a79a159a672f1b1250df521cd535b79a90ed |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\System\Apps.txt
| MD5 | e1bc270815e818b8b19cdf59d8f08606 |
| SHA1 | a2acfd6ae3226eb1404111e88864d2ef9465b715 |
| SHA256 | e4f1dc362e5da459b2b37e80f92e6b7115279a5ecfbe22b5c708b5f89cc88147 |
| SHA512 | 845d479c4801422ef27219d59e957d0f49217dc240de69c4cedc93052d945c3edd06ecd6f0b064677a601b343c15c3f7448a0514e4670f4ac9207de36f520d5c |
memory/3852-503-0x0000000006D90000-0x0000000006E0A000-memory.dmp
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\Browsers\Google\History.txt
| MD5 | 2de028bb20cf93c6938c11a50c7b71d8 |
| SHA1 | e325f450ad9f8b9b2d9c772b8b59fde9de8b5434 |
| SHA256 | 9f261699bd83d55083f6ce6cb21c64b3bad76048b764141033e2e007e0e88193 |
| SHA512 | cf42712d397c27450fc283c188b4bd014157de47acc8f76d67fd5022a8b7511156f14d6b80288b744a50a4c2de6862a515d8fa32ad0845ed4aa70b066dad10f6 |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\Browsers\Google\Downloads.txt
| MD5 | 916af51f526524d884e101ae6c0f7afb |
| SHA1 | 452e220ffe9521b592cec5907e09c24d21672d72 |
| SHA256 | b4c0984aa51afaaa2fc8811ebfc688301016fb1ab7a4776b0b5e943f9b32f8e1 |
| SHA512 | 269e3cdf351f18e8cd34baf83d1d9cb656c0923050eab53518fbec4b20da274b93f8c9bf583b3775f0859d308110665913232ad3133d4d208c43c380d6be6527 |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\Directories\OneDrive.txt
| MD5 | 966247eb3ee749e21597d73c4176bd52 |
| SHA1 | 1e9e63c2872cef8f015d4b888eb9f81b00a35c79 |
| SHA256 | 8ddfc481b1b6ae30815ecce8a73755862f24b3bb7fdebdbf099e037d53eb082e |
| SHA512 | bd30aec68c070e86e3dec787ed26dd3d6b7d33d83e43cb2d50f9e2cff779fee4c96afbbe170443bd62874073a844beb29a69b10c72c54d7d444a8d86cfd7b5aa |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\Directories\Startup.txt
| MD5 | 68c93da4981d591704cea7b71cebfb97 |
| SHA1 | fd0f8d97463cd33892cc828b4ad04e03fc014fa6 |
| SHA256 | 889ed51f9c16a4b989bda57957d3e132b1a9c117ee84e208207f2fa208a59483 |
| SHA512 | 63455c726b55f2d4de87147a75ff04f2daa35278183969ccf185d23707840dd84363bec20d4e8c56252196ce555001ca0e61b3f4887d27577081fdef9e946402 |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\Directories\Videos.txt
| MD5 | 1fddbf1169b6c75898b86e7e24bc7c1f |
| SHA1 | d2091060cb5191ff70eb99c0088c182e80c20f8c |
| SHA256 | a67aa329b7d878de61671e18cd2f4b011d11cbac67ea779818c6dafad2d70733 |
| SHA512 | 20bfeafde7fec1753fef59de467bd4a3dd7fe627e8c44e95fe62b065a5768c4508e886ec5d898e911a28cf6365f455c9ab1ebe2386d17a76f53037f99061fd4d |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\System\Debug.txt
| MD5 | 043881eac4383f5e99cc0b3751d80005 |
| SHA1 | 6c1e44b6cb04197f16a32db395c1e403b44d9903 |
| SHA256 | 66f7c40be71866d2cbe676c1af057d9659f51d45d1a1f3cdefce1df8102ded69 |
| SHA512 | 66cd3ad7db9335091e5331e1c8840a80e81788e40f8e48126248085fcbb60ffdd93b352ea0b21030a9b630adb44b4c2461e559ba5243488e6cf504f2509c0599 |
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\Admin@PVWYNMDT_en-US\System\ProductKey.txt
| MD5 | 71eb5479298c7afc6d126fa04d2a9bde |
| SHA1 | a9b3d5505cf9f84bb6c2be2acece53cb40075113 |
| SHA256 | f6cadfd4e4c25ff3b8cffe54a2af24a757a349abbf4e1142ec4c9789347fe8b3 |
| SHA512 | 7c6687e21d31ec1d6d2eff04b07b465f875fd80df26677f1506b14158444cf55044eb6674880bd5bd44f04ff73023b26cb19b8837427a1d6655c96df52f140bd |
memory/3852-585-0x0000000006F80000-0x0000000007032000-memory.dmp
memory/3852-587-0x0000000006E10000-0x0000000006E32000-memory.dmp
memory/3852-588-0x0000000008410000-0x0000000008764000-memory.dmp
C:\Users\Admin\AppData\Local\295efae6b51943edaa00ac7410ba6f7b\msgid.dat
| MD5 | db1c8b9f95cf8ea8a6f1201c0a6c72f3 |
| SHA1 | ec0f7333070c218a5b02d90155a7a07333157e09 |
| SHA256 | df9c9ffa47107db8d14eef084864446823a2edc5806d56cc068d634199669bf8 |
| SHA512 | 36990f2508bcdfbb8e6c3c15f6a7446360c51ec3f4a31ff373b85d1a0c5dac079edbe569c84e4f3f919e326f664bb6f2517d781081d24aae969525f4e21e10da |
memory/3852-603-0x0000000007150000-0x000000000715A000-memory.dmp
C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0_32\UsageLogs\build.exe.log
| MD5 | 193dbdc5c0f693395acd93af077ebf54 |
| SHA1 | 3255f55112ef04fb92eb410e73688eedc94ed69b |
| SHA256 | fbc5eca582bae246982f0133dbe7f0af224bb041b822891b2e2db7093a033f02 |
| SHA512 | 205fa9c95ab6a096a371aa4be3c3ea9ec52ad3f6f2e2a29499dc7f0249f1a48a4e857a661f3b3e3fea9c91b0616d46ac76134d826757348a1c2f77990c43e360 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2c03f19118df13490b9211ae74397d80 |
| SHA1 | 7b496e1bcc4f27a26bb73d26c4198842ba341d46 |
| SHA256 | 0b1f1f0efc6d641b567dd89a6b353b3f6abf8fd8efa24e6322fe8ad8039dd763 |
| SHA512 | 91ecae11f256be7b55821cc6e8051aa8d42caed9463d07ceb848363115fcbd616527de6318aec42a093294b59fcbee7115f4ae89bc170bec5f7b6426bc19e41e |
memory/3852-627-0x000000007501E000-0x000000007501F000-memory.dmp
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | f7e0afa72a39cb23075e30ac5043c2c4 |
| SHA1 | 2b84843c528762e7332fdb131c630139a0e24c9b |
| SHA256 | 0844a7844ea98871eea4dc5e03b09b4818589d8eb3fb967377d0fe353c186a89 |
| SHA512 | ab09bafe1162c10e3c66f2ad72cbe6e20e0ba4b0b73c6518d0c634c1fe78a1096e73468ff711e1a6a7a75cdfdb4d1f0fd7f2a1c92fc551f04c794ab18b6ed240 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 13fa896c7b6e7273b824e3b072d097a6 |
| SHA1 | 406bd9cb32a6305b0a01547e5dd0140e4d238846 |
| SHA256 | 4046cf919dd2898ae4032e1edab727d2627436ce14539101177cee0905c60d0b |
| SHA512 | 63e4216c38f6b04dbb8e7a40e03296f011c37837dec88a40c3699da9f6c936ca2f2d2f904533a42c13294eb4644ce9ccfe9130142d801d9cc601501515c69871 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\IndexedDB\https_www.youtube.com_0.indexeddb.leveldb\MANIFEST-000001
| MD5 | 3fd11ff447c1ee23538dc4d9724427a3 |
| SHA1 | 1335e6f71cc4e3cf7025233523b4760f8893e9c9 |
| SHA256 | 720a78803b84cbcc8eb204d5cf8ea6ee2f693be0ab2124ddf2b81455de02a3ed |
| SHA512 | 10a3bd3813014eb6f8c2993182e1fa382d745372f8921519e1d25f70d76f08640e84cb8d0b554ccd329a6b4e6de6872328650fefa91f98c3c0cfc204899ee824 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt
| MD5 | b6f48def1ad0dc727f479ce8ffec8a6b |
| SHA1 | 488a3d7c23f20d7c90d9cd3010d31836d67b4028 |
| SHA256 | 88b9c140ca5cdbc682401e0cd009ef606ef17510c596d69c12b629f720543aec |
| SHA512 | ff657c31fa12c36894ac6002bbc33c3263739b9727aa255687ff9299087d47b2a6b390cd0bb6ce588b992c245e497f5e9178de97bec3c72a2d696160dd9f3a9a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5a8f60.TMP
| MD5 | e8cfab755a38eb7ecd80d1e069184040 |
| SHA1 | adc7e1266fa4b43ef77022388ea28de0ef6eca5f |
| SHA256 | 3be4f064645874de04489e9d82eac939e16ff28e643cd8281e3c8bb47d62a750 |
| SHA512 | 6e283fadad8417c12d2fa8d8338e3241d9560fc87e90b42cf3c3424bd009db066203324a2e03cc17490cbd730f3098a9a24333b5152c50efa45f0ca0ead23b86 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000045
| MD5 | 151fb811968eaf8efb840908b89dc9d4 |
| SHA1 | 7ec811009fd9b0e6d92d12d78b002275f2f1bee1 |
| SHA256 | 043fd8558e4a5a60aaccd2f0377f77a544e3e375242e9d7200dc6e51f94103ed |
| SHA512 | 83aface0ab01da52fd077f747c9d5916e3c06b0ea5c551d7d316707ec3e8f3f986ce1c82e6f2136e48c6511a83cb0ac67ff6dc8f0e440ac72fc6854086a87674 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | d0ca368336b3d6fba63d2d3fcc0dcfac |
| SHA1 | ecc1f8d0db4f3d98d78d691f97a60b9640e74d5c |
| SHA256 | 06675f7dffeb9b2b6ed0d8cbce820726c52b6cc1c85738192a7b11a0de67d04c |
| SHA512 | 578bdb88116534e41c0b239ef0453779a443670745f6df8b2463c94b76cf18c8fe1d3879b18c9d6aaaafaa0a00386b80d51f3d69ac2201728f06dbd9db792c78 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | 2d095c4b6074067ecc68bcb696c7d944 |
| SHA1 | fe2ef289285da168dec59773466230741cb46470 |
| SHA256 | 3e4e89b66705134b30b3f9741e9c608299d72528e4f5707ad2c0cea8df59218a |
| SHA512 | 670b55ccc709700ffee857667fb7d5e375e3aa6e711924801e00e56cbec3007c2dd187acb19a9cc0149ae0b141d26b0f417b3aa214228d8b993df0e93a93043b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | eaaef04fa890de4620be82edaca26188 |
| SHA1 | 5c37042a485cc88aa1fc0079931acfe2b3a8dae2 |
| SHA256 | 714fb14deb8e2cc73f5dd85d81c1afdbd794e7a0060fd92d5b026d1717fbf20b |
| SHA512 | f80d3c14cb5a752c9b51429a57e6d8bd46b64ab0cf3280c2575c945d1c0e6b36ec05db1d6eb392141279988754bd32427424e2bce7b353b26060d4aacd735cae |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c8dd584f460e97fc8b5977bbc39d9025 |
| SHA1 | 197f66c1166444e74f85722f610ece25823c05a9 |
| SHA256 | e2b3e05f025fe4ba83ceb63a542c0e947858717a2d450b50c20414bc71104806 |
| SHA512 | e326f0b2749cec1f63a76b0d293eb82e7d51fb6e2e7e268e0b1b708a188b70632c0d29c74c703656410ebed94b3efecdd0b1e230886721d94d37cbc78e44e5b1 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index
| MD5 | b901f01657d68d715e0501073974d29a |
| SHA1 | cc73b183f04adf16e5cdfdb25645528519b02dc4 |
| SHA256 | 2aa57456fd6d121d4bb5df7400527aafd10f2148d58d9bcde779642988e246ac |
| SHA512 | 97a246ed2c20d743e6efddd8c6139f1d8d166fb32bf6ccd192f8e75ce99ac6c879e43b25d0bff46e3d669faa675366e8e2dc8362d07127ee4fc349560962004b |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache
| MD5 | f5832b218f44a0e365f9da32057752e1 |
| SHA1 | 46dd05a73173994e64d278fed02a7be91697288e |
| SHA256 | 09adb7d480f2cb764f4d5f76c2b18fa4df29835329200aeae4cffdbc37fa65d8 |
| SHA512 | d0cb85bfdcd5c0eb9b59807b12d5b6204025999aae1f8f7b14ddd2fabe6b8d5cf5ce41cb015d22c729750fb31b72ba87f9464e7621bc349ab81422fbee9e45c2 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | 856f365579877283fc6c8c5f58ed1ef6 |
| SHA1 | d27a4a830497418236a943721cc42f6ddfe94a3f |
| SHA256 | 9c3d60004d9e242c5dcd124ea4638e62ccd329196e327a9c55c2957b61c36242 |
| SHA512 | a29a1b79904c7110ec88262b9db8769008b134a9e05dfb61d52f4e4aaf67100eab5ee0b936a6d3a9d84ace167ff975aa94fcc567c46b6a6beb631554bda2b465 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 8cb115c46a3ab10e8d815f6c88826617 |
| SHA1 | 2067fea05cda460810c57b5bed88ad865b8b64a6 |
| SHA256 | a511b7774c813a7cb27653dca553c87efdb19450d1807a59e26667780ef03a1f |
| SHA512 | 721ac74c66e9d04683b5e633f278a43ca4ca101d5533767059170aa79425f8e961c8ff9ed772c0fa90253604e9368ba9eab19f6df13de7074f4db902ac85f645 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | aa48e9eff3bfe59888a3edf60d69a35d |
| SHA1 | a7119fe8cc2c8d744e873c8689c8d540a972e636 |
| SHA256 | fef179c6c8daf7d63aed08514337272b7d947f97acb348053e024dd02580172d |
| SHA512 | ac06335d039a747f9d5639a3203c2480d6160af8c36c93218c26d0e15ff484df89cb9edb80e745e22a4a6a59c094d0bde04ba1d3719ddca75a1748bd9039976f |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | c6bb1b59db8b46b22a44eca343b56ca7 |
| SHA1 | 2ffeb0187f05e400f43d0a3fa2a7fc8488e7f7c7 |
| SHA256 | 36d9f8f354dd2d748fd33fba2901903ed1f1a06a2969bbafa178a86a4904b092 |
| SHA512 | 3ee9da819efed60b476e7894cca2af5c427761abbf7191126a9d9aaf2783813f93405fccb43fdde701fb79c5994cc28da6a956db22241cbaaa8b1bff02107263 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index
| MD5 | 835e58e65b07ad8794051f0cc522de73 |
| SHA1 | e25aa2cd415e62a513bb728a005ccd6a10ca0a93 |
| SHA256 | fd8a6baddff15fb194b0b9cbc6492ec277baef6d05c1a4f47f31df714ed5678b |
| SHA512 | 1d68f0a592200472dcaa5ff27911db6a607a6935295b486447cb2b888cc686a157202c1af924b315a1d32fc5328055c444bcaf7e4fbc13bc90d5936f1bdd23dc |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000049
| MD5 | 6b5c5bc3ac6e12eaa80c654e675f72df |
| SHA1 | 9e7124ce24650bc44dc734b5dc4356a245763845 |
| SHA256 | d1d3f1ebec67cc7dc38ae8a3d46a48f76f39755bf7d78eb1d5f20e0608c40b81 |
| SHA512 | 66bd618ca40261040b17d36e6ad6611d8180984fd7120ccda0dfe26d18b786dbf018a93576ebafe00d3ce86d1476589c7af314d1d608b843e502cb481a561348 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 33a0cb71a73e4846922378fa8e7597ec |
| SHA1 | 08a934e4c9ac132265f7445cba30d70a5e09bebb |
| SHA256 | 142bcd9a10f8a4f5e8e6dcddd7ba1874cc77b84ddf9e0e552ebe91e26ed273cb |
| SHA512 | 09d6002a6e4fd13de6159edd5f198c177a4a1324c04ffa0d0538780a6aa3b0a6c0bb77555bdcf2b0e29055e4b52ff933384b2baf8998c36994532129dcc6bfd7 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | e848aa0013407edb9195caa58ba7f5e3 |
| SHA1 | daf310a8b7a14cf6bf52b5d313dbf737c16919c5 |
| SHA256 | 779c3d61da9b3cc78027754a2dd6b5c57d29fb082a32285ff93242d1ec72e971 |
| SHA512 | 4bc91b8e8bff0ec9ef966fda8b9b68d80f20f287a107f7b871be264cbab2b84036e501c405ccacd22f92ad7586c6d15c31e7cdeaed7e90e0f6c1dcf5a641020a |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index
| MD5 | df94147260b10618081e60c96be37041 |
| SHA1 | e6993c0d434c95549b5b31c17afdd792c98a2140 |
| SHA256 | 4053d34644c6ae158725d47dce86e4b6a398087abcc67b47a00f0c2384d684db |
| SHA512 | d60dabe530fb5a3ea2402935ef32d4c13f38ac905bfc63f049f82cce06f910708867e68e1c1344ff2dfd4ce939738977c1098c233127f594191f4f6e5179a90d |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 7f6d8801c0f23f8a4df6015014115ebc |
| SHA1 | 05a90a655e0cba9faa45519fe3b04b3a6fbe4dd9 |
| SHA256 | 7727538ee96a2df5262f83ac2cc828bdf0017784d4b695c4005f8b033d9eaa07 |
| SHA512 | 23a6302292638d734f7f2677a40ba579ee7383ab6a7e45b916024c8b26876e0323c7e48bacfb241f143f5dfb309a89ab0b7d287cab00b40b251f8d572b412857 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006
| MD5 | 858e0ffdb68a4d9a6523f340477fe29b |
| SHA1 | 4b123671c48e350f3d1e60e710aa83ba7594d5dd |
| SHA256 | 759e8e8be5cc43816ed6352f12f69c3042cdbf3409e7d557a338837eccf702fe |
| SHA512 | 021008ff278b4e5c046c81170da3540eac12859260d0948f7c4846a5721b461894c205169bb6591cced9ede9dab10ccdca2d77cc218fbb2e784f53f78e42d761 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007
| MD5 | cfd2fdfedddc08d2932df2d665e36745 |
| SHA1 | b3ddd2ea3ff672a4f0babe49ed656b33800e79d0 |
| SHA256 | 576cff014b4dea0ff3a0c7a4044503b758bceb6a30c2678a1177446f456a4536 |
| SHA512 | 394c2f25b002b77fd5c12a4872fd669a0ef10c663b2803eb66e2cdaee48ca386e1f76fe552200535c30b05b7f21091a472a50271cd9620131dfb2317276dbe6c |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 36de34fabc641c288ef7115437905f40 |
| SHA1 | 24e61fbfb1e4250394e6ece8482d5fc6f263fc08 |
| SHA256 | df245a0782cfd555fe3e7972b4a1ff6d078b6ebdee9ded5a4d15c0a140d20e57 |
| SHA512 | dda1fa216774b574fd719f5dff63cc7361411cbfa74143730db6c1a45b6817d249c0baa51bc7f5d0634692688117f4c8cab28152c02514c8ad89e9fb28dc6473 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | f6ba8b456a2046949a39eb901e3494cf |
| SHA1 | 93e54fd3ce2237f5e2116e9286d27b4ae3c1af0a |
| SHA256 | 47d831fe120102ab9e6182411cdceab3708de44de082dda42428d8d817ec072f |
| SHA512 | 4bca2d41f0ca1055d69af28ac9a1d3781a4d924cac92ffed5d010bb1c47034051cb792b82048d71e97cc9d2dcf125b5573b99130f194445e81a94fbf1748c5d5 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity
| MD5 | 7607b9a491d22be7f29a407ce1720e26 |
| SHA1 | 432864394bbe9a5dffd5f1607bf349b4859cf0dc |
| SHA256 | b603558e4ee68d53493c674f61f074e44071e22a3c5a98fe4f254e884443d00e |
| SHA512 | 00da8458b0112ba8d87faea9c67f50e522f58d9f81fd7ead9054499f83fc4a634f8ebc34aeb6d43160f9ad79072c257113d455667727d74dfe4205dc7da8c9f0 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State
| MD5 | e8d4f2cedb042aecd4b62978a01cfa6d |
| SHA1 | 3f034c78fd7ff63ec6e2e3a64f0625d8c226aaee |
| SHA256 | d2f987b975d46d06f05740ce29e83f01c49d2868372d11cda6bf3c03437e050e |
| SHA512 | d50a86c474d5474fdf8e9d0d2762fdff951ae261abf598997df448d998c3650defc325ec3e44d8868160c9b7a67f459699578eb1c7d960185607a7f5bbe2d52e |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History
| MD5 | a2d1cd38419ffde9132a7cfd84ec59ca |
| SHA1 | 6ba1288996743e4653fce2da8818e339cabef561 |
| SHA256 | 03957e7e34497eb23688ce478874893da4f4e25ecbddf55df308de4a5bfd4342 |
| SHA512 | fb63cd433c2a223cf2c47515d3a1d8aef5eb352e27b80a9bdc06a6bc8dda778b184a05d54c69101f58b3ca20932d386c7941a9553622f8b146d44a21cf001593 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
| MD5 | 1f52f9e9915963ae71d4f7c916d25195 |
| SHA1 | b1fb3a700e6f6d8f649ae8422b2d67ec809d4e2b |
| SHA256 | be95af8571f055d40a536ab82ec33898b894a9ce143c5389640fb5f6e0353847 |
| SHA512 | c24bffe8185cb4c51a6335132a1024880f23ba01a93ad7cbb3e27924741ae86537ddfa77c25a803e07eb2924c547602c7c7f9e29ae359373049de3f3bd3aa3d6 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences
| MD5 | 290900b935db6fd862f1cabe06a0a300 |
| SHA1 | 3e06eafa846d853e6e8d3a4f1bf2ccc99ad40549 |
| SHA256 | 5e8e5494ae3ec0202db475dbfae56b408db10b8624862483779efed112ce9f2b |
| SHA512 | a3cea7fbefa9c82cf61c11f96e03f363b88823663e8e96c72d37705453f57df4d97b5ed34ad95e68505e71c8e46e985fe12a7a39b0238357a0cb23cb96cccdb3 |
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\GPUCache\data_1
| MD5 | 760fd13f6b5253197373ac360adc8d6b |
| SHA1 | 2a3f6217b42cfda8af50ccdf95a02410ff5eb72c |
| SHA256 | 7c8bb4f043b11a0a7bc63e5630d865de65f35483db9d60926b91519c5e9785c4 |
| SHA512 | 7b2e7c8855fc3c9a5f73bf690d956292066cd8119feafd83e9012efb868134b29d25e139a395b0affd3e5e9315719792d77f8a72b0973c4dc680c4236e8fd613 |