Malware Analysis Report

2024-11-15 06:25

Sample ID 240706-whcahaxflq
Target ClientAppSettings.json
SHA256 d58416aa991d70de03d3d80c8ea1290107222cfa1d4d1714047f878b559d3c11
Tags
lumma spyware stealer
score
10/10

Analysis Overview

Threat Level: Known bad

The file ClientAppSettings.json was found to be: Known bad.

Malicious Activity Summary

lumma spyware stealer

Lumma Stealer

Executes dropped EXE

Accesses cryptocurrency files/wallets, possible credential harvesting

Suspicious use of SetThreadContext

Enumerates physical storage devices

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SetWindowsHookEx

Suspicious use of FindShellTrayWindow

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Modifies registry class

Enumerates system info in registry

Checks SCSI registry key(s)

Suspicious use of AdjustPrivilegeToken

Modifies data under HKEY_USERS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-07-06 17:54

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-06 17:54

Reported

2024-07-06 17:57

Platform

win10v2004-20240704-en

Max time kernel

159s

Max time network

159s

Command Line

cmd /c C:\Users\Admin\AppData\Local\Temp\ClientAppSettings.json

Signatures

Lumma Stealer

stealer lumma

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe N/A

Accesses cryptocurrency files/wallets, possible credential harvesting

spyware

Enumerates physical storage devices

Checks SCSI registry key(s)

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A C:\Windows\system32\taskmgr.exe N/A
Key value queried \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000\FriendlyName C:\Windows\system32\taskmgr.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_DADY&Prod_HARDDISK\4&215468a5&0&000000 C:\Windows\system32\taskmgr.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133647621252786578" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\MACHINE\SOFTWARE\Classes\CLSID\{1f3427c8-5c10-4210-aa03-2ee45287d668}\Instance\ C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-1403246978-718555486-3105247137-1000_Classes\Local Settings C:\Windows\system32\cmd.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\setup.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Windows\system32\taskmgr.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4400 wrote to memory of 1396 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4400 wrote to memory of 1316 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4400 wrote to memory of 4948 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4400 wrote to memory of 1900 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\system32\cmd.exe

cmd /c C:\Users\Admin\AppData\Local\Temp\ClientAppSettings.json

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=110.0.5481.104 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ffe5140ab58,0x7ffe5140ab68,0x7ffe5140ab78

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1772 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=2292 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2860 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2876 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\110.0.5481.104\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=3668 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4692 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --mojo-platform-channel-handle=4832 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --mojo-platform-channel-handle=5000 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3364 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2636 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4260 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3376 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\setup.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_setup.zip\setup\setup.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe

C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe

C:\Users\Admin\AppData\Local\Temp\tmptfxga5ww\update.exe

C:\Windows\system32\taskmgr.exe

"C:\Windows\system32\taskmgr.exe" /4

C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

C:\Users\Admin\Downloads\setup\setup\setup.exe

"C:\Users\Admin\Downloads\setup\setup\setup.exe"

C:\Users\Admin\Downloads\setup\setup\setup.exe

"C:\Users\Admin\Downloads\setup\setup\setup.exe"

C:\Windows\system32\cmd.exe

C:\Windows\system32\cmd.exe /c C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe

C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe

C:\Users\Admin\AppData\Local\Temp\tmp7eadhxqs\update.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2924 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:2

C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

C:\Windows\BitLockerDiscoveryVolumeContents\BitLockerToGo.exe

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2348 --field-trial-handle=1940,i,1032826322274619414,15088433151060237656,131072 /prefetch:8

Network


Files
