Malware Analysis Report

2024-10-19 07:21

Sample ID 240704-ndzagaycmf
Target https://faucetearner.org/?r=473101811640
Tags
wannacry bootkit defense_evasion discovery execution impact persistence ransomware spyware stealer worm
score
10/10

Analysis Overview

Threat Level: Known bad

The file https://faucetearner.org/?r=473101811640 was found to be: Known bad.

Malicious Activity Summary

wannacry bootkit defense_evasion discovery execution impact persistence ransomware spyware stealer worm

Wannacry

Deletes shadow copies

Downloads MZ/PE file

Drops startup file

Executes dropped EXE

Modifies file permissions

Reads user/profile data of web browsers

Loads dropped DLL

Adds Run key to start application

Legitimate hosting services abused for malware hosting/C2

Writes to the Master Boot Record (MBR)

File and Directory Permissions Modification: Windows File and Directory Permissions Modification

Drops file in System32 directory

Sets desktop wallpaper using registry

Program crash

Enumerates physical storage devices

Suspicious behavior: GetForegroundWindowSpam

Uses Volume Shadow Copy service COM API

Enumerates system info in registry

Suspicious use of SendNotifyMessage

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Modifies registry key

Modifies data under HKEY_USERS

Suspicious use of AdjustPrivilegeToken

Suspicious use of SetWindowsHookEx

Views/modifies file attributes

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-04 11:17

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-04 11:17

Reported

2024-07-04 11:25

Platform

win10v2004-20240508-en

Max time kernel

422s

Max time network

435s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://faucetearner.org/?r=473101811640

Signatures

Wannacry

ransomware worm wannacry

Deletes shadow copies

ransomware defense_evasion impact execution

Downloads MZ/PE file

Drops startup file

Description Indicator Process Target
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\~SD6150.tmp C:\Users\Admin\Downloads\WannaCry.exe N/A
File opened for modification C:\Users\Admin\AppData\Roaming\Microsoft\Word\STARTUP\~SD6157.tmp C:\Users\Admin\Downloads\WannaCry.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\icacls.exe N/A

Reads user/profile data of web browsers

spyware stealer

Adds Run key to start application

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\ppcvxtmedh378 = "\"C:\\Users\\Admin\\Downloads\\tasksche.exe\"" C:\Windows\SysWOW64\reg.exe N/A

File and Directory Permissions Modification: Windows File and Directory Permissions Modification

defense_evasion

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Writes to the Master Boot Record (MBR)

bootkit persistence
Description Indicator Process Target
File opened for modification \??\PhysicalDrive0 C:\Users\Admin\Downloads\Petya.A.exe N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\system32\catroot C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\System32\CatRoot2\dberr.txt C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Sets desktop wallpaper using registry

ransomware
Description Indicator Process Target
Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" C:\Users\Admin\Downloads\WannaCry.exe N/A
Set value (str) \REGISTRY\USER\S-1-5-21-4124900551-4068476067-3491212533-1000\Control Panel\Desktop\Wallpaper = "C:\\Users\\Admin\\Desktop\\@[email protected]" C:\Users\Admin\Downloads\@[email protected] N/A

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133645655356977888" C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry key

Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\reg.exe N/A

Suspicious behavior: GetForegroundWindowSpam

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\@[email protected] N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4532 wrote to memory of 3172 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 3180 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 1668 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 2904 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Uses Volume Shadow Copy service COM API

ransomware

Views/modifies file attributes

evasion
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A
N/A N/A C:\Windows\SysWOW64\attrib.exe N/A

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://faucetearner.org/?r=473101811640

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffc074eab58,0x7ffc074eab68,0x7ffc074eab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1696 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2160 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2172 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=3056 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=3084 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=1008 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4564 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4928 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4360 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=4412 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --mojo-platform-channel-handle=2356 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4564 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x2cc 0x2f8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2736 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=1136 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=4060 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=5128 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=1860 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=5424 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=5180 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4764 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=928 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5864 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5956 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=5848 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3388 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Users\Admin\Downloads\WannaCry.exe

"C:\Users\Admin\Downloads\WannaCry.exe"

C:\Windows\SysWOW64\attrib.exe

attrib +h .

C:\Windows\SysWOW64\icacls.exe

icacls . /grant Everyone:F /T /C /Q

C:\Users\Admin\Downloads\taskdl.exe

taskdl.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\cmd.exe /c 230941720092193.bat

C:\Windows\SysWOW64\cscript.exe

cscript.exe //nologo m.vbs

C:\Windows\SysWOW64\attrib.exe

attrib +h +s F:\$RECYCLE

C:\Users\Admin\Downloads\@[email protected]

@[email protected] co

C:\Windows\SysWOW64\cmd.exe

cmd.exe /c start /b @[email protected] vs

C:\Users\Admin\Downloads\@[email protected]

@[email protected] vs

C:\Users\Admin\Downloads\TaskData\Tor\taskhsvc.exe

TaskData\Tor\taskhsvc.exe

C:\Windows\SysWOW64\cmd.exe

cmd.exe /c vssadmin delete shadows /all /quiet & wmic shadowcopy delete & bcdedit /set {default} bootstatuspolicy ignoreallfailures & bcdedit /set {default} recoveryenabled no & wbadmin delete catalog -quiet

C:\Windows\SysWOW64\Wbem\WMIC.exe

wmic shadowcopy delete

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 2316 -ip 2316

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2316 -s 632

C:\Windows\system32\vssvc.exe

C:\Windows\system32\vssvc.exe

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 456 -p 2316 -ip 2316

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 2316 -s 632

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Desktop\ShowLock.mht

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffc016d46f8,0x7ffc016d4708,0x7ffc016d4718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2140,16007616793265730960,12174896101610390329,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2140,16007616793265730960,12174896101610390329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2408 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2140,16007616793265730960,12174896101610390329,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2684 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,16007616793265730960,12174896101610390329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3344 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2140,16007616793265730960,12174896101610390329,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3352 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,16007616793265730960,12174896101610390329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\92.0.902.67\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2140,16007616793265730960,12174896101610390329,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4916 /prefetch:8

C:\Users\Admin\Downloads\taskdl.exe

taskdl.exe

C:\Users\Admin\Downloads\taskse.exe

taskse.exe C:\Users\Admin\Downloads\@[email protected]

C:\Users\Admin\Downloads\@[email protected]

@[email protected]

C:\Windows\SysWOW64\cmd.exe

cmd.exe /c reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "ppcvxtmedh378" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f

C:\Windows\SysWOW64\reg.exe

reg add HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run /v "ppcvxtmedh378" /t REG_SZ /d "\"C:\Users\Admin\Downloads\tasksche.exe\"" /f

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=4468 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=5308 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=5892 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=5740 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=5260 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=6428 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=6572 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=6468 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:1

C:\Users\Admin\Downloads\taskdl.exe

taskdl.exe

C:\Users\Admin\Downloads\taskse.exe

taskse.exe C:\Users\Admin\Downloads\@[email protected]

C:\Users\Admin\Downloads\@[email protected]

@[email protected]

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7264 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7100 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6856 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=3424 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --mojo-platform-channel-handle=7004 --field-trial-handle=1916,i,6798649236462737778,12925683904966547873,131072 /prefetch:8

C:\Users\Admin\Downloads\Petya.A.exe

"C:\Users\Admin\Downloads\Petya.A.exe"

Network


Files

\??\pipe\crashpad_4532_TLEFJGCTCTFKKNND


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index


C:\vcredist2012_x86_1_vcRuntimeAdditional_x86.log


C:\vcredist2013_x64_000_vcRuntimeMinimum_x64.log


C:\vcredist2013_x64_001_vcRuntimeAdditional_x64.log


C:\vcredist2013_x86_001_vcRuntimeAdditional_x86.log

C:\vcredist2013_x86_000_vcRuntimeMinimum_x86.log

C:\vcredist2022_x64_000_vcRuntimeMinimum_x64.log

C:\vcredist2022_x86_000_vcRuntimeMinimum_x86.log

C:\vcredist2022_x64_001_vcRuntimeAdditional_x64.log

C:\vcredist2022_x86_001_vcRuntimeAdditional_x86.log

C:\vcredist2010_x64.log.html

C:\vcredist2010_x64.log-MSI_vc_red.msi.txt

C:\vcredist2010_x86.log-MSI_vc_red.msi.txt

C:\vcredist2010_x86.log.html

C:\vcredist2012_x64_0_vcRuntimeMinimum_x64.log

C:\vcredist2012_x86_0_vcRuntimeMinimum_x86.log

C:\vcredist2012_x64_1_vcRuntimeAdditional_x64.log

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000033

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\Downloads\Unconfirmed 266008.crdownload

C:\Windows\System32\catroot2\dberr.txt

C:\Users\Admin\Downloads\msg\m_finnish.wnry

C:\Users\Admin\Downloads\msg\m_croatian.wnry

C:\Users\Admin\Downloads\msg\m_chinese (traditional).wnry

C:\Users\Admin\Downloads\msg\m_chinese (simplified).wnry

C:\Users\Admin\Downloads\c.wnry

memory/1564-1027-0x0000000010000000-0x0000000010010000-memory.dmp

C:\Users\Admin\Downloads\msg\m_bulgarian.wnry

C:\Users\Admin\Downloads\b.wnry

C:\Users\Admin\Downloads\msg\m_korean.wnry

C:\Users\Admin\Downloads\msg\m_japanese.wnry

C:\Users\Admin\Downloads\msg\m_italian.wnry

C:\Users\Admin\Downloads\msg\m_indonesian.wnry

C:\Users\Admin\Downloads\msg\m_greek.wnry

C:\Users\Admin\Downloads\msg\m_german.wnry

C:\Users\Admin\Downloads\msg\m_french.wnry

C:\Users\Admin\Downloads\msg\m_filipino.wnry

C:\Users\Admin\Downloads\msg\m_english.wnry

C:\Users\Admin\Downloads\msg\m_dutch.wnry

C:\Users\Admin\Downloads\msg\m_danish.wnry

C:\Users\Admin\Downloads\msg\m_czech.wnry

C:\Users\Admin\Downloads\@[email protected]

C:\Users\Admin\Downloads\@[email protected]

C:\ProgramData\Adobe\Setup\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}\@[email protected]

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe5c769f.TMP

C:\Users\Admin\Downloads\TaskData\Tor\tor.exe

memory/1068-2505-0x0000000074400000-0x0000000074482000-memory.dmp

memory/1068-2506-0x0000000074080000-0x000000007429C000-memory.dmp

memory/1068-2508-0x00000000742A0000-0x00000000742C2000-memory.dmp

memory/1068-2507-0x00000000742D0000-0x0000000074352000-memory.dmp

memory/1068-2509-0x00000000006C0000-0x00000000009BE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

memory/1068-2530-0x00000000006C0000-0x00000000009BE000-memory.dmp

memory/1068-2536-0x0000000074080000-0x000000007429C000-memory.dmp

memory/1068-2535-0x00000000742A0000-0x00000000742C2000-memory.dmp

memory/1068-2534-0x00000000742D0000-0x0000000074352000-memory.dmp

memory/1068-2533-0x0000000074360000-0x000000007437C000-memory.dmp

memory/1068-2532-0x0000000074380000-0x00000000743F7000-memory.dmp

memory/1068-2531-0x0000000074400000-0x0000000074482000-memory.dmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

memory/1068-2651-0x00000000006C0000-0x00000000009BE000-memory.dmp

memory/1068-2675-0x00000000006C0000-0x00000000009BE000-memory.dmp

memory/1068-2681-0x0000000074080000-0x000000007429C000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Roaming\tor\cached-microdescs.new

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000029

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000030

memory/1068-2849-0x00000000006C0000-0x00000000009BE000-memory.dmp

memory/1068-2855-0x0000000074080000-0x000000007429C000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00003b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4989ea80024a51bd_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cc48d455a0beb0bb_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\79a9404ff24158c4_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a3ad8b7d4ee5aa2a_0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\70e3e8edea57383e_0

MD5 597a6c17d30e74a541794fc433397273
SHA1 deb3845648ba10ec96844569adf98a0ef7c86bc7
SHA256 10b0aa1ee74388eae95e39a7d68e6095a54e8aa1e210fbd509b00fa0c24a9937
SHA512 3ad6ce679338675f0ef5d008cf3483513597689d22ad9232047686bf68c3be62c7d543ee06eab5493312aad4819f3f67fb23d21bbb4576917ee5b8531a94500d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c34ef712f36e1e1c_0

MD5 b7bca9be997ba5497d3af460b7fbfb62
SHA1 90b128fbb2450eaf6431684b60e562ac3c6c9de8
SHA256 73e3b9c9bf5a55cca2652899379eee08a9e125d2dda24fb1fe13c7af771d0f6e
SHA512 01831a38ffb6a1f60793001688f7a9a008241366f2fabe35ae9ad7b7c912f7e553046d6fa6ac1aa336d9c95f68667dfc0e607485ccd590b5532eceb0cca5c69a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37088381f461e316_0

MD5 971133e049e7968668c385b6125ee812
SHA1 dfbadf750260c7671d097291eb0d0120d37f8294
SHA256 cfe9663943572df600fdd9a82cd911f816981f60c9d71151918ef10b1fe03271
SHA512 72a3f7171a9f6cbd90d00e3e8771711ab0669a1f1df7d71ef1308e43c717352173f8fc21f9dbdd386c5a50e9c7bb5802f62461812391da1ff891b7036ac5611a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\37fc8d4ad8c6c9cf_0

MD5 c6b30aebe2fcf5c5aa345dad315087f0
SHA1 30b23009c3c135e4856b11d928d15c7c586fbd57
SHA256 cb43910f727a16c87c0b5ae3231e7aaf3c7d4f49d7a81e9b2b7e430186612f21
SHA512 1e386c3e9994491c1e6d73582530dd48a0c8f7bb2b0f820ef2741176450d811ad5f759a9b740f3b9f133261e4205f497455df2d3dd774bf09c0a892062a701ee

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\522714f0a63ff7f1_0

MD5 df2336e7d9ae4b44335aedf072a75bd7
SHA1 26dd41ad3c47ec98c57ac2ae02883a36346f160f
SHA256 6c6615aad5fcd8ea9df9d2754cdc83ee40981ef7677462e857705479129caf9a
SHA512 68801e888b3d126107da53d61ed943f8e96a023b59da222bfdc26b6713a6c913146a771a2d57d3122eafb066dbc74d618818abcac8894c86b35bf3f6abc0eb88

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2bcc52b53defbf57_0

MD5 aeabe64977f1f0e2c796f7027b6c78f3
SHA1 555c331a8476edb74f441860c6b3967d02baebbc
SHA256 8e06edd94cc8bfc2b74150c909452ee4f8f8ee059cb883f88cd9ab197089c6df
SHA512 2c673b740a910b191c6f8917863e69fd5047b661e1e9c9b04839a549e5e073edc914e101c2ee063f458ac2e85f6ef4f646372c77967ff83065f0ab8271251deb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5b5794c41704d7f3_0

MD5 ae711a37b64c19ab9ed81e00ddf097c9
SHA1 161ac8cb81030061168e9c84d14d6ebfa7441ed4
SHA256 93e329117a0455d32d7e6467050bfb98b67a11256eddf927990ed4cb6f6ad498
SHA512 53b94db8b9755a70201ec4bb2f8e7c0115e1eadad265447e78ee8c915b797e617e44829008368270cd9692cf8bc9e1f1685a219fd5381195970e06024a623562

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bc2959e97be7ccfd_0

MD5 9ad8d9224c746c706b18b19ee33dceb2
SHA1 a22e3315d1bfaa2e16ab1ac8b9ea6dbba13560bb
SHA256 1418674dd01693012d1090a58a4137b99a9c8349139587318d940350220f59a6
SHA512 c517564025b78c6c091f9af852f2dc9e9ecc6963cc7862812003b2c1a6355900b3d6ddef2919ab019cc873fc1ee80046e6c10a8f152787b70b6381642416702e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\02b6f13dd4d4327b_0

MD5 83f455a6c59e47aa267b5cad8a8d06b1
SHA1 0522af5fb7c85a1612effd16b7bebb05937bdb0f
SHA256 521ac4ec7a4790718017918a8e77221fd9385501dbfd32c92e08c9d18931fce5
SHA512 579e9f36dbf58d2f6b2d5f4f83b8a5fab6915d8523ee6357e6b06ed7da13387442dd5f3b4fdb897314d619cbdf32b3e5782e1b0c06b70a9f76a91908c5ad35f7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\40767c6ffa0c49cf_0

MD5 c326e9a233311cb115c460caa1e0f5b0
SHA1 15d2fd88c75822d06203417a73327dc3397736bb
SHA256 56ab7b8e838c5041173b5a4540ca8b8f2bee0c41ff07adba71d26cbb8408a133
SHA512 b32c631d03ccb48949d633070bd672abd5b8fa5ba51648a10ecf3b1ade14a70b95b24e30b317f507b3bce2e75e7f2d22387aa9c285fe55ca27c2850124bc2bdf

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\22c98e1d002ca4ea_0

MD5 ef60437d3e7c60ac1a313874c135f832
SHA1 8dc3d0aefcf7da1136b7089f21cc37318afd72c7
SHA256 b64a13ef9f8e84b528c0be8ceb096d2dc676c0347a2fe6334649be17a3c46a19
SHA512 2be43b7d87bc7fd2b8bdb5dd9d4d668686ece82e454231a2cf5422dafd4aff40bc2f5af39769af1edc6c7f7a1f2793e29fe43f6277eaba13997a2c08ea989072

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7e27cd21baa1a264_0

MD5 b4e5d6f8c84084bf9eaf55734943db4d
SHA1 865052f25e898914468b8ad6fcc6a2c84b6d42f7
SHA256 568f0174343ee4f92010a12bb8a1336a0c255bdb32a091296824f5dfc8918873
SHA512 e04a5d7559431d6c71651df761f87b43d581b87a3c6e0ba899af5fe82de0bbb935ae3a21fed0b5aa7c8c923d48b50ab292bee5971e4a56e21767631fb22ecada

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7edfb1d0585398e7_0

MD5 617f9ed0a66146c5656162c12dbf52a1
SHA1 406af124e9b65fc891d63d09d0090e8b771f4d54
SHA256 3c8e564bc12c2a4d709f46ccf43cbb683edd15156a405c3cd63d36d6142c715c
SHA512 c320f43970fadd0095b3e929391ac7c86e9abd0b5d190dd4f51a84f3f69695a48ff7e8a484762f3bfe16e80f73077144cc91e5d5ad36c52ee22ae6d7ebb61f63

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae8cee3d41e64301_0

MD5 66ce3c7f4460e633aa3e6bbe9e2eaf72
SHA1 8d7174155273aee48192e1c52bd262d1c39e2a8f
SHA256 4bc3349176f386a889ce4d6f6635fa2d822c5dc78915e70c4d8cdd3951195578
SHA512 6fd47511a205b4e55b6eabdd63396cd9ff2f9ba1f4b180e946f350f47ea7ffe81d25ec2216cde4741948168fcce517788ed2947ff1fb10b0521b9d6d8fa42a8c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\768d0ac0ca872d49_0

MD5 c4ddab4a705d957c16f1ed72d0e2d08b
SHA1 2ca2a4a74898264e30b8e23fe7fc1a92cb6fd0c1
SHA256 13fea995bcb6d3c122502f784c8a21b1b1de1af066a82e7736a4b656144ebe95
SHA512 8b0abb51be983e9313f1841e84648ef55053a69bd66ba8ccda711876186131527aaea2760642165e61761dab7195e8e6408b1c30c622763ec90185d06f4e3aa4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\26dbab8f05a12756_0

MD5 0fae379cbd4c9387a7c1b05706711530
SHA1 7fb16952a627163050e4ad5e10fc599dcec3e7d7
SHA256 a20de68c687285f81d99c3a309101cc11595cd487e4e8954208297c1c129a5de
SHA512 6cfecef6c742433fa385f53a7d9874d053c7443b2feb2311ead0c5559e35f7a901150cb6d0d9bc7625c5717f0f7b77bfa3175b286db5d792aa8ceddb509402b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd4df3ea1fc43e3b_0

MD5 9b6fbfb1a5de814db0ab550baf6ddc60
SHA1 d22fa9c7250e310287f87e74bfe0c3dda03dda21
SHA256 1764f8cc380be31f099d9c127231725f4fa0351b9293cb18430903e8811e42be
SHA512 8d6dcb76c74ebfdb878c8e4720732d0c7564a2ee9d252e287416ac70437c9dc0f47045f5e45e9d4e0da3c36a06f0249b6ab44593f4b4bd766b1340dd7cb18069

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d953ca0d907d8d4e_0

MD5 01e0b9e19df1888407132627c4574e14
SHA1 6022712077bb43020a06bb9f3e8fd8a4b5358635
SHA256 18f8260d1a76ceea71c18f106989730ef0d3bd6ac42a81dd0fb6653c75efca21
SHA512 26356b14002fd69c899c73ded1c74b04bf5b4daaf7fb6dbf0ea8920c684b092bf7bb9e8450cb05de5679ce811a6b8fb420c8517331e21b5c7bdf150ba4e9452f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a07f969c26e68320_0

MD5 94e31380615aaf8cab6fa998b4aebc7a
SHA1 d08526ec5ea342d0210c1be3944822d30399b0ce
SHA256 a781b3ebb5a0cb12e9d63fb171f2f08a4cc36379bb7f6db191e6aaf3a56fee00
SHA512 9c62aacc8f0b9741eda718d6f38f6fe5facf0c50027d5fda5e69b51a3fc5d59aca3b7fe7acac89ab46e853df42239e4332a54f0c42657dd3d5e736c3bc28fb02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\09c6522fa04e9ffe_0

MD5 b7ccd156013c0f5208f4d2e1729c29b0
SHA1 b1ef980de10d2ab4455c9321a1294bbcd1fcbaeb
SHA256 c9b4861b47a6137c9c740f86bc78236b934b67748dac6c0f0b159da651e7b11b
SHA512 eef68c73807560bb741b4dcef6a16b970c695bc88704493b4d521bcb1e68568d69dc230cb7872933a0652e5bc6d614fde69f0b80c854a92a64900e19f7415b18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f6c78cf3fac86745_0

MD5 cd02f40fc30fe79e18daff65743c8ad0
SHA1 6943e6e63014d8feb19585d81062f198c5043dc0
SHA256 ee99ec11d0b1134e2ef2cc0c3b5f2c4b235d9d40342e1b209188701453534668
SHA512 c470da12ac920d021aa8290e371b28f9afd8c83d2ee7f1f885074a1ebbc49bed74a4bd9b68a0dce02624caeb65a487cf02bf9eb9be6ac63cc5df848aedae1602

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\92789c3889a502b9_0

MD5 ddba0476da568c23747e7446cf10b10f
SHA1 52a41ff3e493080a9d5fe276b4e1ef9150f24e70
SHA256 3b62d16dddcc50e11ab4f0e798a510677e8f3f4c2b5d8eb2ec210ab0ecf6e3b9
SHA512 9cd87414a1e368ba8ed1ca1a3696c4cd7664a9a1b318ef0d20c595569794322adba0e839f0acf5e9bc43d086dfb8c538d101489e51db4d1d7fd8af09586d13b2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e3635cc32a6ee375_0

MD5 e8467a64e9e916d2a95580096610a1c8
SHA1 e45ec8deec43f300084722039ef2efe81167a763
SHA256 95ae9cf6203a0cbfe72a2023a4fa16a21c0d84a96d1c469c0d810f0b5b2778c7
SHA512 887c23cef14c5a781095c8f1c6fd679666ee7eb6dc9a74b095b1cd576a942d32135dad8cb2a23e9e60551f5dd1299b3e91a1b73abe470e318f95a28ce1938137

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\117c7c6950d7b612_0

MD5 5ed2911883d6ff962677423b50d489b8
SHA1 15fd69a7879396bcf58d413ddbdfb3fa85753f91
SHA256 3b3fad18b95e60d34529e06d660c6d141fbe3d3f2a0aa7d65bbafd14b5b223d6
SHA512 681ba095ce1a2cf8cd43384d837c2a27afef556fb97f7580d599cd1b8c5c6d1737fdb80481ddcdb95a1657e175bbc8d475935d2e55144fdbbb82d04d7c4160d5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\aa38b51046403e2e_0

MD5 20586ab490ab4e902b7fdc95fbea00a4
SHA1 4f9be15d8a1cccce8893b248c98d0fcff12e35d7
SHA256 dedc4fe0b2661ee813182d999cbb902e1c9b25e978bddeb9ac91d83928062ab3
SHA512 60eae3ac1ea4b2cc7c1bad35b3f6dd8636a476172ba94e51da171b16154207626d6285ae945391d6753f3587b193246e2501cd2ad46ce54e3017ac1236871220

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e74b935bdd03c721_0

MD5 1bf6720d407ee24a6c32f1709fd6639f
SHA1 b66b74f74a1419a2eaa87a0fe8627496a66d1684
SHA256 1fdbcab40de42ecb8a173b1908d19201c778f5b0cbf31b8b622ac3239f38357d
SHA512 621726749bb6b47f7696c74a7930811233c72767d23075f9bcf428c377223ca61ea474cea81d4ff8961854ee02dfe1e91fb358d749b4b44b9fad0e80ff22ab62

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\39d1f542fa5da02c_0

MD5 ac1987407e87c230de007979e09e0007
SHA1 d41bbaa0efcf78c8cd21068ecc8584b905fd5c84
SHA256 23ebb5d829880acaf055e1d7f7c19018a41fa2079de1569aae1cb3e7946298ab
SHA512 48456e543bb990076784042f008125cf13a0762ab559d15e8ecc9a3c40f0eeecf60ad4440acd7f33113e77f942d5c1ee5cbc8b6060b1b7d8bd88a45c2210cf6d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7da99e5a9edeb5d0_0

MD5 3eb604c5458888a42667d25ca8528a55
SHA1 59d00bf80a4220e3f75a86d3dd378403729fd371
SHA256 68b58f763f724a2108ef30fcc5d1c15af773157525453c305432c2d2b71d1371
SHA512 7af3b3e64a69ee464d64bfc8800957f22c2ea72a4ed842be8f5612f21136b3782f17f36b2c9f355cac35b81b5a1cbc31ba795df021cf4581baf73a9744a05c07

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\77fefc1d8cc42c03_0

MD5 0ad99555f1bf8b8e0d299d165dc4776a
SHA1 9a33c2cfbdb368772c1f5fb092bf4162da6858f4
SHA256 64fd07947c522da55d635d326e1c7eba5b337d864fb70ea845d33e977778c17b
SHA512 7a10c655bb58ca977af45a93b3e7c297613433b5711d585999c6f193f3179478ecf96246b956c1806c5a6074912329ff138c0c54e6f189f6840e08e1ca357e8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\eb1e5e07b90fc03e_0

MD5 639012f41162a48703bcd3b88c84900e
SHA1 13b30d0ae796071da78ab19c53b829169f7a9a45
SHA256 f8ed03ab97dd361cba02dd380bfcebafa27e7924e09186f511ccd26e10b9ba45
SHA512 18c87b09656b4ea9cdfd240b7bb372968d4713ddc1cb42520c7695ff84876ec0632b2e54482dda438246bfbcb46af970da2ca9aac61696fdc46148464c3b2758

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0deca65ae77a13aa_0

MD5 c63e5a69489e177115bc3b931f4de36e
SHA1 ce052f6f968269169c8e3b399a3a361ac059ef3c
SHA256 dd2cc71818a92408f4a0a9c1bd6de3f17d1f2986efe5b8b33a322e8e84296e92
SHA512 82bc5abf30a64d73e41ad9f39009165ae4fa9334d3c5514837c12f3ca5a2c1e659997ea7e79944734ee00c702effb38654b801fbd6a3f7ed83eff356460fd61b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\040f398d796273ff_0

MD5 1677c81296f7ec4d19f877ceefc47c08
SHA1 39e26bcbab42a1e5d266ca96041b0cd33288955e
SHA256 cd1c1f7809956654bbe359983700db120f0a96aee6fdedcf208530620d8e6c7e
SHA512 1c160e910c430b937f401171cd98d39accf1a4c8a53ac356a3d0e9e495b23b96c259315ce7948c62dedc877e0245c0a513399f3388a4443a3ad87768140d2523

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f5f8a510fda97114_0

MD5 00562fa5ebe2681c1dff8d4b1c2b7719
SHA1 7a963ca59fe3cbff707ad54293ca6dd1ef19619e
SHA256 d5b1e779586ec12c7ba67f8d8fb969dd22393da5fddce90954bb8e6d65afffd9
SHA512 a62cee736920cccedb82153057703f1a9f31d076335f211e9c5d19d59e2b92ae572bad89284e38068f8ac9a153eaef4615007a5d59ec99b26efa78c2f5b84e6e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0d661fd2d9be0657_0

MD5 164c72d5c6d182378ca728c36110d10b
SHA1 f7465649da0a827473939d967911e874d4813efd
SHA256 7d5aa7a2347219c6aa63d9a5e4af5a1eb51a1766656ed4d38d63f7c7b23d779d
SHA512 5ac793707ba0e18067335bda62f4df2141508c4f6d34068aaa6f6da19e05299dd4bc127edbcfc16cd6eb9b747ff95597e192ffc492303a7df1a3f42f918ad9a2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f63b2dcf918f4446_0

MD5 2b97d9f807badc530ec983041ee3626a
SHA1 14c3694f628dbb1034c3af230c6c706a34359b79
SHA256 50eb2e2259b6a15dbe77ddcc54e779ffa3c9da47b8acbba67776cf82947e9c01
SHA512 8d85ff57954cd073e75728ff81d2b77ce66c55b22e91dfd6fec31abe4ef829c1861b9de3a5cb89dbd66bcda416ba12866d8b4200585b139f84b053cad163201d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\44e0f6bd34e4e59a_0

MD5 b3db7a541d8225b98b97da84dda55ea1
SHA1 c275ca18ae2205576a87888fb9f76fe4bbce298c
SHA256 b22775a8560b53feb40a6b34c8fbc538999db46202fadcecf235d3394f1d9619
SHA512 f62bb50c865bc1010e31bc19f8adc3b8a492f9a7168a6199d0ce264107595e2855fa677db4f05347b83968725b29089401b56b4a2da64605a1b1965c184f8397

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\6326191db5a9285c_0

MD5 4f79ce2789cfb483f3f60cede35988bf
SHA1 5b646b4658c9c83d5d9bca194e04701345a6c123
SHA256 6d6c04db2b785e6df44e4bf059c47210f5a3af988912ee1ad25db51c6f12a8b7
SHA512 7511bfbceffea0de048cf674fc47b01a7fe68e77b80afee6762b669dbd0ddf6cdd9c6c566c4d419612be8cfd24270ba46e51843b424c15f159c5109585ab93a1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b152b3f51c1ab150_0

MD5 b765741e092744a2653ce875bb57a279
SHA1 f8d93371f5d179095aa03385bcec0bd31aaee975
SHA256 116bf382c174cc10f636f2187a601c3e3cd1da9ed0d6611adbe71a0d2268fcfc
SHA512 4f5174f2cadb3e968ea16816a9ead65c9187587477c3ba1653f2b63299bcaecd9a50a32c1310f7929f1b1d23792d39b5b3ac23eb52a3fb56f7e982a660b9c324

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\45d946099acc6255_0

MD5 6abf5b9d80ac26a8e2849d0aa2802704
SHA1 09eb22d5144bf278c1ebf0ef71fcbd33f47eb4c4
SHA256 74d3700699e7dc053652e176b29a214ebad5fe71310231cd771f5f126b08cc1c
SHA512 351916c812ad7ad927edb6cb144219c74856c0f2d9fc90c53dc07e0bebf84b3b600d70e357e55dd8bef96e7ffb7a5091864aba4f6d9b9e9c43124c121c8fe2c2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f153e8e310d3ac80_0

MD5 ff86cdf51973afb4adae2cdc27ceef70
SHA1 25128b5ad638f9709d9acf789a6c3ba099815dff
SHA256 732bfe53c7dca0690987686a083e639cb240ab841926ba2174473cfc240004c4
SHA512 a115bffbbd60f819d2a3596febc4339a8527c75119bbd4f62af0cbbd72a6b239dfd3849a726751ea1b0b2527e7039a30861915c5cbf39ec62adf56e97b2fc656

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\66bcc6f042af58b8_0

MD5 bb4db26e1e8877fc085e57bb12cd0f42
SHA1 81c5ab8f92ae9279afc411c455cce598bd0f4793
SHA256 16494c59e87037b5ca1dcc015d4b18a52f95ec699fc618d004a7dc00c32348e4
SHA512 2b33e520920d145de7edee7725794ad14a896d3327f524d4d2366f9681a00dfbaf83f861113a362e154d1a9579f5e82c2bce794c5a078e7e175ea3c07753c9a4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\54196d5272057691_0

MD5 4a21cad1ab602c583ab47713bbbb602f
SHA1 0f71ab7f437b7840e477cbd6d1c1ad728e97e542
SHA256 db91011d0d9bceb875e595745dbe68db164731fcf1f857ea3d6ec7eb2ce59c3f
SHA512 2469f677069100abe7d1293fb757fbc9d870f0e7cd4eb8171eac62929e9ac57f835138c1ceb631091050022ac76d3d117d0b3e37d109aef7bdd2d673e2cc783e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\39c1b0ebdf6ed42d_0

MD5 6fb4e2bcce38423edf64ac953155bac1
SHA1 5bcdd559f6c094433d6a67fd673b26f8c5282c13
SHA256 f029661c6418b9d71528c5468191ee3a9dbcc92bcbd6821b4589a1e972df9e2f
SHA512 23a47b4222dcb859669dfbee38896463b31ca98aff095abe2bfda07d17230d9b873bfbda90755fe19e557f57f7029ee30f92563f0d3d38de95ceeba337a4a64c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fe7b359c88c9fdf9_0

MD5 c33642d84cec507366ada35c2423ea04
SHA1 5368aae962d0eefe90ea3019260432ef897e7a71
SHA256 6b3d6b60e81c2f921a5c76866ef3141842cb51a4447d29f7226ac70916ba4e14
SHA512 0610592a9e6a1e866cc47a0e842aaf867e9b125f61dd88a89b8f47ce5e14734b6baa22766322f2f1752ed9bb3a45341f4958b4c7ac0552ffec1d9db2c3d7b810

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\84ba8390b58b0275_0

MD5 b9ab290855b7d083dd7d42d0566ff4fc
SHA1 55b6e411201891f6fc308c5817059ffcee1870c6
SHA256 1fa2e1a12fe0f0d52ab9a0902b1ed56ca380def1187d46583ca45a4015c692c3
SHA512 e6e50d25b37bfba83770376ac15a65164ebdb7f635a330dceabce932b9077963157122e61a2014212480aa26d6acd6886aa768d3edb5fc7de5c0f26bd9c1aeea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b2fb6ea7a9af17fa_0

MD5 0da84df15c7f0ebbf501a26cb8daafcd
SHA1 8a586bf49a97931066a6b362fc8ca928ff66fb7f
SHA256 e5045cc9144399da0db1a9442d4e992ce045a8abdfc36e3e7a729bad1eb13dda
SHA512 3df1b525d34465d0ffc17206cd86a849bf7e192fe08faec7873d28537573c569115fb07a2f9c0cdeb506d2e75d38c152c296cc6a0298aa8cd35218f2cd0c850b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\d585e74b562acf1e_0

MD5 6243c22a867c0a628a995c6cd4fdac18
SHA1 4fa6085beec3d7d0331520234ffcda3e45d54cd4
SHA256 8e058faa1c689770989cf925f4805b5b7507bb00c858d06b6060d2234a028743
SHA512 46f060c11fdef6d7cffbd913db83615d2703ce922c1511c152de84ff47439429665c632a66bde345e2c108f2b9f42a3462eeb3146cff880e585d975edbaa4dfb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\44d4393ef88f35d8_0

MD5 6e0bd672aa258e8a747a93946b532e7c
SHA1 2d18580ae0d98ebd78e6777b058c6d12cacfd57f
SHA256 f9874eeb65e467fc329fdccfd1365754720f9d39a05e007d7dd18c418f20d9e1
SHA512 cd138e482d8087a21c4d2075a90df4201012b915076473d580f8e51d4cda3459737b12726d957c221a82aa1837bb3dc589a08b647dfdaf4e9344c083b99e8d3a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f371ccd6420a488f_0

MD5 89934cf4943ac3b330750fec6279d2ba
SHA1 38120d47d2eba985c88c177c5e19a7b91ccbe4f0
SHA256 b6399759c634a787e997ed3e11c8827fc4587dfadaafaa2ecee7cb573838af81
SHA512 99a895386ce5515aac64ca885c4d1e4a80db04c421e7f6fa41b1d4e3163bb2e2baceca10125f1dbd7b4668a78c4abf580e2606ff372711bd1e3c8d1e7299e8a8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\552a12cb094eeaf4_0

MD5 201c9525eb8cfc38217620396939297d
SHA1 7001aa6d105e71fa93a0e2032d2dbd81664484d3
SHA256 1a1464b8b48ecc209883d09ca7d4fc9e144fd85ef08bc84ec4a68e22e6e164ed
SHA512 0e00665174c3e4d4acbbb31396192ff16dafad823f543a0bfa3c272785b097ffb5aad1c026aa86e614aff39f23b40ac5d64c4958dbcab7ad40dd2dff82804879

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\cb42caf0956fd2ab_0

MD5 b63929127c5330eeb4a5c4a2bee35f6e
SHA1 c767ae7f3878b6661a6202bc11aecff5366fd5b8
SHA256 8b51f8c53ffed49580f4f2697781587cee178febc475f4d360e8d13ccca0c7b1
SHA512 73584bfd8a8a5da50030185980dca2a25f1b42c69cebb7069ec5a24988be8f93abccba8648d4292f8e104ec807eace0c13d18a4150fcdac915c67bad8d576014

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\725a518a4ef2c387_0

MD5 fc93178387c0d1bdc2555ec873af20bb
SHA1 5f1cf77e501bb93ebf5f95760c79c3914da22e9a
SHA256 2b0fda25bf7d019b8b720751cd0129d99e04d28d11068a60843a481f9417ff7e
SHA512 3653a480f5ec7205b538061b278a0f9434e3ef83972c56367006dfea49f4faf45057eeb3a81c3ffec2f86b8981ce46beb5020404251288fbaeaecff6a078cb3c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\577696296277d863_0

MD5 6fb648ef45124f3c3fa3d64911e5f80e
SHA1 089934e2ab9112894672788761a4457a31a6c259
SHA256 ed76a2798c93c9908387b0fb5d108029cec59f183a21e85a0beafedee955993c
SHA512 52e094bc01d607de36a480bc0fdf95cc4c6f54d8054f50360711ed3206c424790174dbcc38524482e70ba06719f1e963194ec493e64f0bc8b2a376465fbfa08f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\a5602e955a2a3314_0

MD5 186072598829a0831efff10040e400de
SHA1 572688776219f916908ccd215e5e244b4d2685f4
SHA256 5a1f2d0e2b92e4649849f75ec2c108b474ba7dfc43dbce2146d4e0cff716eff0
SHA512 edb37d5245400cf49543eb8b87342d0c5d4612800810b2730f6eefb7975299e49857ad409bf54cd39da91e669aeb6b188ab06aa17aac4eae50d7b3367a8c057f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ae325f18e1338b1d_0

MD5 ba18413e0dd985c00b098aedc9910cac
SHA1 eeb284e74e76e04158c49265b5a9bf2b021198f8
SHA256 7ac2d01e7e668edcacf8b8107e67dd8b847d2ea712b1aa5c7787c789f207b627
SHA512 b4b68c9c0c9f5152dcf1a00435a3ccad851db8d138ac8a2875659058f45317350a7a70c4038bf03cd55c8b8cdb62887eedc7b5e0f072a9c15491093cbb86973b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8ab59c5b19a9e961_0

MD5 128e431c9aafa877bdb7b34100031d10
SHA1 73bb459d8d8107b0a2ae4c64fe6e1bb496fb88b4
SHA256 2c69b8f49cacda3112840ed9f9bf6ae933d068fa36acb2c4ed47cbf6e9abb2bd
SHA512 57642b08fa89070041efa64e94f1244a38b07f54ae4cb93bec6347efcf3f7271bb6b354f23bed28bd435e08cb32a6e47cc6e56f4e1ce9cf400977a0b4b6a68c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\ca876e45a14b9cd6_0

MD5 bc992969a9a7d020138f729c406d5db3
SHA1 ccca034ca627a53a96cf7a0d6f455ae9735097e7
SHA256 59546ed1eecc4ad23c5a9b0b772a83f67a3d8065978cdd1047755f37ec186202
SHA512 2c16156f0769360c9bd71989b29a3f255856fd9db9d982c3a1ccbce00e9c8e3aa389ab4dcc80485633573e8c2f0dfc4e56316d3a0f9638c4cbeedff650369014

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c9950266b93af2e9_0

MD5 4af1f05cc9d01c7e31f6370de1d97165
SHA1 14713610323aafb005334c7dfa57127414b2c9c6
SHA256 f8e4690803d131229deb973a46e228748a1603c4b06f05d223f47a4f8fbb8bab
SHA512 4c2ed953499707d73176090c803c37bb1a11704622df38b71b5b9a737e2ea68ac5cd01c18c1b0e90e6bc0a39386c4cdfec68b8fb949e2de5c155d78b683c9f0a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\0c6f2141040c5e08_0

MD5 6c59bfc165dca608c3a0efd33cbc1864
SHA1 b622e621bd59b12ddf27b3be616851436d8fc26e
SHA256 2c37accf03950d9deb6350ec5c8853af7445ebcf792fa2ac769c98b5d3f1d980
SHA512 80aa82ae863ca7f9d0ccd11612c603f4421a11da175beca5d1658c7f524f7e7d07c59c69649b1acbb5e9160915fba1f445b1854222627134100177735c432d33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fcd808f5bcf778cf_0

MD5 ea0772ec88a8d0f33db4281cc1382e50
SHA1 4a162759d95f49747fb7ca43d101d49ab4b48253
SHA256 8dab91dbe6f130e2be399e14342280dded61f382ff01229b65051c137489de66
SHA512 ec37a23c823ed970b646df52c63d96b13148c00307ca9c9646507bc4d44fbe8af367eb8fe8f71ec52db3034c247e25388770732efc004c44c3619df19d787e56

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\69612990de626a12_0

MD5 1b9be59da8edaf5022a958841a2ed4d3
SHA1 286a3abe743fca385e5aecab4848f0590ec8dca0
SHA256 498e228be6f3d5fddfb9ca868d202083f466f74c3c497a1a1a8cc860617ae75a
SHA512 148c554271257220ce204651b6974c7c6d522876930d929a8588fa11e833c7d6882094c5b7e840a4fb36d0fb96d1d06fc4927df73351de2e023fdfe3f34f5d8d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\09f4462215482980_0

MD5 c44ce1873c756e4251aa58ac41af11ee
SHA1 074d2417fe237912260653352ecbb94929b52a53
SHA256 e0cfcbdf25ed845081bfd3947fefcec66204970f8727c453805f1a638977d832
SHA512 cf8253df451fd94b5dddbb7d76f5a51f8fbd5e1fdfa62874ee43109ee185afe027ec44c5b67988ca8f6e0e08cb9d92450443a437abee1bc85e07517367fb0dca

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b820c896dfcf01b8_0

MD5 fbfecc4c613c5b849bc2f4ea6679d035
SHA1 11439d9b7ca9cc9a54079b5c153489c9654e2305
SHA256 ff0271e4e96be05435bed3b5e1f37742b5ee0b492ead2d52569a2ae80d9d26fe
SHA512 285ce9a1a36c7ed7734736e9bbf50aa20efbcbaf52eb47399851108a77be40b3dcfa0d07369a1d0d173dec839c17debbc27006282cba7a2da39a29f2f462a2b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9397e977feca9d2a_0

MD5 2ba081927379ee5a405f293c82b41c46
SHA1 3dc349730010af16254700fdadc95f41591f440d
SHA256 13d2748385c6c5e4fa7a752590433118fe7b5ef4ae9ab8999b514b1705a8d7e0
SHA512 837bd7437e7acc4349ad27f2bb152ddf7ebb6cb100ee778e6d56c0213ad4a4a7b5e94665821043855d7808169ae7de3594090902509e85a6ab1924e9d857acde

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\79aa9a266a2b99cb_0

MD5 64906480c156e26f585ecff037f15ff0
SHA1 20e123cc504868b10bac174f889805b8a69cc846
SHA256 41c29f09b9bf9844a03d4e782442ce4c83e0a6a22ef19bf7bed97a0f4727b624
SHA512 6d79097529ac2bf516b9b81130311fbfb273eb343452144b58c18fed4c83300aec1b9eaa022bf8c8b52b3e9519bf7e26a3b6aefa824682f00b36b3f5525a8412

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7dd068e351c082bb_0

MD5 29dd0b1cc87ab9bd2ec3e8e761a412bf
SHA1 333f7c147077ef290fd4a6686e8509f879fad31c
SHA256 8bb142738ff2cab6dfb3291c2aeb687c898dd4c6e55b21515e1377df6aaaef0f
SHA512 591b0b01e0b02170d449fc089efc60ec3320ed183e1330b24335b175edd863b6bc6ea2dcb92f1152df9591d9e4362a9270af998e73452dca3bb7f6a0b570a57a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\fd51569705ad7d2a_0

MD5 4e03b3ac1bdf985fde99fc4a9f6aa488
SHA1 18c9f86e2cd105fe649ceed52fafe170cc461131
SHA256 82da31907ab1243f7f380065efa357b55bcf0b8ce8419fb6f7c37c0f1deb569d
SHA512 80f0aff190d9cd9d607e2b2c599184d8ae576032f29d343331561ab89b60eefb355be0e213b01a59deae28d2e30a3f40596db6a09328a2906f3f7db0ec68b4ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\e92db290b9141a50_0

MD5 b50b72bb93a8d05e3e6ad6cc56bda2d1
SHA1 95879a0b716c189ef257a723b49c00019a151afe
SHA256 3d110b91f1a634812b8d6e23cf67dafb4ab06f4b8b5c5f9902dc59a57486b6a6
SHA512 8c30238c1fcffd5a2aecb819114ea9136215737a171e4e6f28912ccdc81e2e901df120f149bbc8e17934c4e16e47c0b6553fcf772d38c6256f009fd55b0fb67e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8b2b44162a9a2531_0

MD5 8c29cecee56e0eae2eb7035b749b5dd0
SHA1 8d6e3e01c1c40bc07fe7bc6fd4a172d2a526483b
SHA256 4eea324a9af376995e58ff3e1e8143f7e955503a294b4123f567e1956af8fe64
SHA512 36138aeea61a5c65cafec118ae5e6dbb3ba0289a6c4ad2167cc3b0610305393a1ca15130a480550c921e7ee8afeddf6537f43ca8ce432d4e62c6d0d18bae8f8b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7378e746b6182ecb_0

MD5 5e34ce6fb0efec7ed59aafd117b12e47
SHA1 dc23cc236e6fdc4591147f12b87f0b3e73df1976
SHA256 9221eeeb10cd50d6ff8b1aa436fe965ab64830585f0bd2310911497446f42ca9
SHA512 5443952be2b27d4f5eb0261b5d31720fac396c733dca4bdcf30fe96c11bb339a2a7f2c16ebfeca3cabf5b7e618a58e9f5c979ad15a26b9ceb6daa7ef3b3f7711

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bf7bb2b05d9b24a2_0

MD5 9b38cd9c219684f8bfc18af1a1b1726b
SHA1 d9f4a1c86ac43c717e44010ec392db9815dff261
SHA256 aa0bd9e045be43cd82b05cdadc3669eff66f995b233d2bd63aea60feeeff7b0f
SHA512 33a5e73a4067d61838034fb16948c7eb5061ee6422d74ba581fc6ef9049fc6d5818294b79015d136055c50da7c2ba2901591a95f98dfb3dfd8d880b4199b7b93

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\75dabc4df8d2bf8f_0

MD5 e64bac36c353611f6c6dc04a932f2a0b
SHA1 cab1d0f0ee93502ee32df7f8abae65a2061255ec
SHA256 935377c94e38c07f8ec6f3df66592225ed55baec5ec71934f7945a51a43a3f59
SHA512 c4dd3773ad95a02c14eb4c3322ed6538b5d728ce3c8a490d352d8c34d6ed1c18127e196b21f0bd400d689171911eb67b50e280d749d5cfd0125c2414a94e46de

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5b1f52a13283e169_0

MD5 8af560b01451ec304bf8a48b4999ca7f
SHA1 c3c3c52773e3a84e18143ff8a7f0e057d4a38121
SHA256 1118d227906f9fe26ea31df56c2686b1856b083d41fc2d9e99e63a6452df6d61
SHA512 e0f8d7980be0b7de2f296e7e1d027c3f9a14124f4f48aa72b0e4cafad5e126eaf43a37e3c62dfcd9bd5d0009702fdbc2790292bd4d9115d0ed356c281595a7bb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\1b560773e5389822_0

MD5 c94199f78c42a72a92bb7cea792954b1
SHA1 ea46820f9cce92892d68a47b0f0ed7c62ccde932
SHA256 b672dd9ac276719aa9360fa279dcb18de5e1134bf54abc7195cd684edffed781
SHA512 83c4a4e66fa41cbeff142d48ea3bca137391643cf353aac9ddcec972845997ad0dca3512b0953eea53d2a69c6e752ad0173901874758a21a265b9f6856544535

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\5c1f9a08a01e648f_0

MD5 1bcc8a528cb084203b9eaa0c192e4a4a
SHA1 c8d0469cf9b015eb1b249ff1ccb25dc5854a164c
SHA256 cbada0878882d60f32ca97a1abda7a094a3c52f74ec3ff64c861781468e2b953
SHA512 6df97a1974eb9a3e022d95e07c04dbc40eae13bc07200dac764402c727c7ae8137fadf4b59a7e727e29cf8102db927dabb854a46a39e2e1d4342900e79930f33

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bb3827b17752101c_0

MD5 51ac249448ac45bba21bb7c70bd05e1d
SHA1 3b9cca1066c15ec5c912f577a7a993327bd21526
SHA256 4fe47bb7fb34e71253f794cc5511bc40c349fed110a4281ed652ab234a0c90ff
SHA512 8ac5c950fc09c85e2cb6a6b4d78529ae61a07d17dcabc671fc85c88a02237dd1ba2b6cd57d3c90aea2b90dc9410cd143942fb45221708b994b237f38523febe4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\77d9524e0efb1e54_0

MD5 c7b28ff8f58bd2dbeb0cec3eb987c6cd
SHA1 147041ab5089033e477e75e131a20a567c2266ef
SHA256 48651e9b1dcecffdfe401d981df31cb0e41e07aa6cec8f6cae6451f403b86d20
SHA512 f42c87b04d53cf04a756334d67e0056cf411519fcd60f11c5c2b26f3c35717a201c884777997e7dc05fec5f8014697e7119fb6b672d5bf6b6f454cdab9af5921

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

memory/1068-3793-0x00000000006C0000-0x00000000009BE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

memory/1068-3823-0x00000000006C0000-0x00000000009BE000-memory.dmp

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

memory/1068-3870-0x00000000006C0000-0x00000000009BE000-memory.dmp

C:\Users\Admin\Downloads\Petya.A.exe

MD5 af2379cc4d607a45ac44d62135fb7015
SHA1 39b6d40906c7f7f080e6befa93324dddadcbd9fa
SHA256 26b4699a7b9eeb16e76305d843d4ab05e94d43f3201436927e13b3ebafa90739
SHA512 69899c47d0b15f92980f79517384e83373242e045ca696c6e8f930ff6454219bf609e0d84c2f91d25dfd5ef3c28c9e099c4a3a918206e957be806a1c2e0d3e99