Malware Analysis Report

2024-09-11 01:19

Sample ID 240720-zmpm6swhlg
Target ransomware_notes-main.zip
SHA256 3404fd569d0704f96ae32f8deb46a557b84c17a549e7878d68b0958c09d5f7f0
Tags
ransomware atomsilo medusalocker quantum avaddon
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK Matrix

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

3404fd569d0704f96ae32f8deb46a557b84c17a549e7878d68b0958c09d5f7f0

Threat Level: Known bad

The file ransomware_notes-main.zip was found to be: Known bad.

Malicious Activity Summary

ransomware atomsilo medusalocker quantum avaddon

Avaddon

Medusalocker family

Quantum family

Atomsilo family

Drops file in System32 directory

Drops file in Windows directory

Program crash

Suspicious use of FindShellTrayWindow

Checks processor information in registry

Modifies registry class

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious behavior: EnumeratesProcesses

NTFS ADS

Suspicious use of SendNotifyMessage

Modifies data under HKEY_USERS

Enumerates system info in registry

Modifies Internet Explorer settings

Suspicious use of SetWindowsHookEx

Suspicious use of WriteProcessMemory

MITRE ATT&CK Matrix V13

Analysis: static1

Detonation Overview

Reported

2024-07-20 20:50

Signatures

Atomsilo family

atomsilo

Medusalocker family

medusalocker

Quantum family

quantum

Analysis: behavioral1

Detonation Overview

Submitted

2024-07-20 20:50

Reported

2024-07-20 21:18

Platform

win11-20240709-en

Max time kernel

1514s

Max time network

1507s

Command Line

C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\ransomware_notes-main.zip

Signatures

Avaddon

ransomware avaddon

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Checks processor information in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0 C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\CentralProcessor\0\~MHz C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3666881604-935092360-1617577973-1000\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_BROWSER_EMULATION C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133659824538699620" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-3666881604-935092360-1617577973-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-3666881604-935092360-1617577973-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\ransomware_notes-main.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: EnumeratesProcesses

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe N/A
N/A N/A C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
N/A N/A C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 3332 wrote to memory of 2736 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 4292 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 2200 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 3332 wrote to memory of 2060 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Windows\Explorer.exe

C:\Windows\Explorer.exe /idlist,,C:\Users\Admin\AppData\Local\Temp\ransomware_notes-main.zip

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.106 --initial-client-data=0x10c,0x110,0x114,0xe8,0x118,0x7ffc66cfcc40,0x7ffc66cfcc4c,0x7ffc66cfcc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1792,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1788 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2120,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2132 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2196,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=2212 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3096,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3132,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3392 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.106\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4380,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4736,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4744 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4804,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4828 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4268,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4800 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3336,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=3472,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3432 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=4500,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4528 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4936,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4844 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4656,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3260 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4556,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3392 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\abysslocker\WhatHappened.txt

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\8base\8base_note.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\3am\RECOVER-FILES.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\alphv\alphv1.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\alphv\alphv2.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\alphv\alphv3.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\alphv\JX34qQm7.txt

C:\Windows\SysWOW64\mshta.exe

"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\atomsilo\atomsilo.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\b12704c7fde94bd7a604d9eaf022fdc3 /t 1584 /p 2996

C:\Windows\SysWOW64\mshta.exe

"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\atomsilo\atomsilo.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\b1fd4b15f17e4c94921872a5cde70381 /t 4684 /p 932

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\lockbit\[id].README.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\lockbit\lockbit2.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\lockbit\lockbit3.txt

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\blackhunt\#BlackHunt_ReadMe.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1896 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2288 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2544 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3140 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4688 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5268 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4680 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4924 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1876,13307361598798114181,14483251301372421345,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5360 /prefetch:1

C:\Windows\SysWOW64\mshta.exe

"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\crytox\crytox.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}

C:\Windows\SysWOW64\mshta.exe

"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\crytox\crytox.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\d6d10c55df984df4a0034c889f407684 /t 4696 /p 4276

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\dagonlocker\dagonlocker.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x108,0x10c,0x110,0xe4,0x114,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1844,16113661100102843941,13259221780942039761,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1860 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1844,16113661100102843941,13259221780942039761,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2296 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1844,16113661100102843941,13259221780942039761,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2520 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,16113661100102843941,13259221780942039761,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3144 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1844,16113661100102843941,13259221780942039761,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3176 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1844,16113661100102843941,13259221780942039761,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5036 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1844,16113661100102843941,13259221780942039761,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5320 /prefetch:8

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\darkpower\readme.pdf"

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=16514043

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=0A568C19BEA875A76A689966EE5A1E73 --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=0A568C19BEA875A76A689966EE5A1E73 --renderer-client-id=2 
--mojo-platform-channel-handle=1792 --allow-no-sandbox-job /prefetch:1

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=0D361FEC7C5C42D281B4E2E65F149A5B --mojo-platform-channel-handle=1800 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=226409E19AB57952F9C5FE75C2804258 --mojo-platform-channel-handle=2360 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=0E84FB04BB046434A7E49B2E6EC4BC58 --mojo-platform-channel-handle=2136 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=renderer --disable-browser-side-navigation --disable-gpu-compositing --service-pipe-token=45333619E6B945A1090F2D421C1B679E --lang=en-US --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --enable-pinch --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --enable-gpu-async-worker-context --content-image-texture-target=0,0,3553;0,1,3553;0,2,3553;0,3,3553;0,4,3553;0,5,3553;0,6,3553;0,7,3553;0,8,3553;0,9,3553;0,10,3553;0,11,3553;0,12,3553;0,13,3553;0,14,3553;0,15,3553;0,16,3553;0,17,3553;0,18,3553;1,0,3553;1,1,3553;1,2,3553;1,3,3553;1,4,3553;1,5,3553;1,6,3553;1,7,3553;1,8,3553;1,9,3553;1,10,3553;1,11,3553;1,12,3553;1,13,3553;1,14,3553;1,15,3553;1,16,3553;1,17,3553;1,18,3553;2,0,3553;2,1,3553;2,2,3553;2,3,3553;2,4,3553;2,5,3553;2,6,3553;2,7,3553;2,8,3553;2,9,3553;2,10,3553;2,11,3553;2,12,3553;2,13,3553;2,14,3553;2,15,3553;2,16,3553;2,17,3553;2,18,3553;3,0,3553;3,1,3553;3,2,3553;3,3,3553;3,4,3553;3,5,3553;3,6,3553;3,7,3553;3,8,3553;3,9,3553;3,10,3553;3,11,3553;3,12,3553;3,13,3553;3,14,3553;3,15,3553;3,16,3553;3,17,3553;3,18,3553;4,0,3553;4,1,3553;4,2,3553;4,3,3553;4,4,3553;4,5,3553;4,6,3553;4,7,3553;4,8,3553;4,9,3553;4,10,3553;4,11,3553;4,12,3553;4,13,3553;4,14,3553;4,15,3553;4,16,3553;4,17,3553;4,18,3553;5,0,3553;5,1,3553;5,2,3553;5,3,3553;5,4,3553;5,5,3553;5,6,3553;5,7,3553;5,8,3553;5,9,3553;5,10,3553;5,11,3553;5,12,3553;5,13,3553;5,14,3553;5,15,3553;5,16,3553;5,17,3553;5,18,3553;6,0,3553;6,1,3553;6,2,3553;6,3,3553;6,4,3553;6,5,3553;6,6,3553;6,7,3553;6,8,3553;6,9,3553;6,10,3553;6,11,3553;6,12,3553;6,13,3553;6,14,3553;6,15,3553;6,16,3553;6,17,3553;6,18,3553 --disable-accelerated-video-decode --service-request-channel-token=45333619E6B945A1090F2D421C1B679E --renderer-client-id=6 
--mojo-platform-channel-handle=2480 --allow-no-sandbox-job /prefetch:1

C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe

"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --type=gpu-process --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --gpu-preferences=GAAAAAAAAAAAB4AAAQAAAAAAAAAAAGAA --use-gl=swiftshader-webgl --gpu-vendor-id=0x1234 --gpu-device-id=0x1111 --gpu-driver-vendor="Google Inc." --gpu-driver-version=3.3.0.2 --gpu-driver-date=2017/04/07 --disable-pack-loading --lang=en-US --log-file="C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\debug.log" --log-severity=disable --product-version="ReaderServices/19.10.20064 Chrome/64.0.3282.119" --service-request-channel-token=AAB7466FA85AB88A8B681632A39BBF55 --mojo-platform-channel-handle=2776 --allow-no-sandbox-job --ignored=" --type=renderer " /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\donut\d0nut.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1948 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2320 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2540 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4844 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5008 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5292 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3208 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3388 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3668 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,7566721267194771710,17344606321745949127,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4896 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\esxiargs\How to Restore Your Files.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1900,6766544574747211028,11428948970772982876,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1916 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1900,6766544574747211028,11428948970772982876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1900,6766544574747211028,11428948970772982876,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2544 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,6766544574747211028,11428948970772982876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1900,6766544574747211028,11428948970772982876,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3224 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1900,6766544574747211028,11428948970772982876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4932 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1900,6766544574747211028,11428948970772982876,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3900 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\ftcode\ftcode.htm

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2028 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2100 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2624 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3236 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3272 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5104 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5108 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5128 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3464 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4964 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2016,8503918190706394745,9399742394998562874,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5048 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\h0lygh0st\h0lygh0st.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1908,10669748468959418797,17602233734160687787,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1916 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1908,10669748468959418797,17602233734160687787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2144 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1908,10669748468959418797,17602233734160687787,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2520 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,10669748468959418797,17602233734160687787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3180 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1908,10669748468959418797,17602233734160687787,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3188 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1908,10669748468959418797,17602233734160687787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4832 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1908,10669748468959418797,17602233734160687787,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5256 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\inc\INC-README.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,12300328067185762105,18387257122544073362,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1932 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,12300328067185762105,18387257122544073362,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,12300328067185762105,18387257122544073362,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2516 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12300328067185762105,18387257122544073362,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3168 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,12300328067185762105,18387257122544073362,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3192 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1912,12300328067185762105,18387257122544073362,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5184 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\jaff\ReadMe.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1912,9660783184046813363,6410721793824859918,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1944 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1912,9660783184046813363,6410721793824859918,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2072 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1912,9660783184046813363,6410721793824859918,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2596 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9660783184046813363,6410721793824859918,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3212 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1912,9660783184046813363,6410721793824859918,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3228 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1912,9660783184046813363,6410721793824859918,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4012 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\karma\KARMA-ENCRYPTED.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\lorenz\HELP_SECURITY_EVENT.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,16077783915417283726,11704212092342545824,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=2040 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,16077783915417283726,11704212092342545824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2104 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,16077783915417283726,11704212092342545824,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16077783915417283726,11704212092342545824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3284 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=2024,16077783915417283726,11704212092342545824,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3320 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=2024,16077783915417283726,11704212092342545824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4176 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=2024,16077783915417283726,11704212092342545824,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5364 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\medusalocker\HOW_TO_RECOVER_DATA.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1964,12569060469756867062,3135864348079385223,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1980 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1964,12569060469756867062,3135864348079385223,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2064 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1964,12569060469756867062,3135864348079385223,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2840 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,12569060469756867062,3135864348079385223,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3280 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1964,12569060469756867062,3135864348079385223,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3296 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1964,12569060469756867062,3135864348079385223,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5072 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1964,12569060469756867062,3135864348079385223,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5172 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\quantumlocker\quantumlocker.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1848,5034281956319789104,13598704396417776480,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1864 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1848,5034281956319789104,13598704396417776480,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2036 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1848,5034281956319789104,13598704396417776480,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2556 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,5034281956319789104,13598704396417776480,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3256 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1848,5034281956319789104,13598704396417776480,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3288 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1848,5034281956319789104,13598704396417776480,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4988 /prefetch:8

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\ragnarlocker\ragnarlocker1.txt

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\ragnarlocker\!_^_README_NOTES_RAGNAR_^_!.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\relic\UNLOCK_FILES.[hex_chars].HTML

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1892 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2164 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2692 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3316 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3336 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4928 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=4956 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3448 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3424 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1936,18316201626339690942,11999103692586258572,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=4956 /prefetch:8

C:\Windows\SysWOW64\mshta.exe

"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\risen\Risen_Guide.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 444 -p 5400 -ip 5400

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5400 -s 1280

C:\Windows\SysWOW64\mshta.exe

"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\risen\Risen_Guide2.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -pss -s 480 -p 5592 -ip 5592

C:\Windows\SysWOW64\WerFault.exe

C:\Windows\SysWOW64\WerFault.exe -u -p 5592 -s 1208

C:\Windows\system32\NOTEPAD.EXE

"C:\Windows\system32\NOTEPAD.EXE" C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\risen\Risen_Note.txt

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --single-argument C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\suncrypt\suncrypt.html

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=90.0.4430.212 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=90.0.818.66 --initial-client-data=0x100,0x104,0x108,0xdc,0x10c,0x7ffc78053cb8,0x7ffc78053cc8,0x7ffc78053cd8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --gpu-preferences=SAAAAAAAAADgAAAwAAAAAAAAAAAAAAAAAABgAAAAAAAoAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAB4AAAAAAAAAHgAAAAAAAAAKAAAAAQAAAAgAAAAAAAAACgAAAAAAAAAMAAAAAAAAAA4AAAAAAAAABAAAAAAAAAAAAAAAAUAAAAQAAAAAAAAAAAAAAAGAAAAEAAAAAAAAAABAAAABQAAABAAAAAAAAAAAQAAAAYAAAAIAAAAAAAAAAgAAAAAAAAA --mojo-platform-channel-handle=1856 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2052 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2564 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3264 /prefetch:1

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\90.0.818.66\identity_helper.exe" --type=utility --utility-sub-type=winrt_app_id.mojom.WinrtAppIdService --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=5076 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=3912 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3912 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --disable-client-side-phishing-detection --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=3368 /prefetch:1

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=renderer --field-trial-handle=1832,13962244157227639879,4471403043505240389,131072 --lang=en-US --disable-client-side-phishing-detection --instant-process --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --no-v8-untrusted-code-mitigations --mojo-platform-channel-handle=5520 /prefetch:1

C:\Windows\SysWOW64\mshta.exe

"C:\Windows\SysWOW64\mshta.exe" "C:\Users\Admin\Downloads\ransomware_notes-main\ransomware_notes-main\trigona\how_to_decrypt.hta" {1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}{1E460BD7-F1C3-4B2E-88BF-4E770A288AF5}

C:\Windows\SysWOW64\werfault.exe

werfault.exe /h /shared Global\d8a357bf1afa4232bf787dc906c8ff2e /t 1772 /p 932

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=4288,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=3760,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5428 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=4420,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5320 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=5124,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4764 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4512,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3748 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=5372,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3380 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=23 --field-trial-handle=5420,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3080 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --field-trial-handle=4348,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5732 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=5808,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=3324 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --field-trial-handle=3380,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5344 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --field-trial-handle=3448,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=4524 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --field-trial-handle=6136,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=5784 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --field-trial-handle=6028,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1440 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --field-trial-handle=5968,i,9566829646987077097,12503166814802742843,262144 --variations-seed-version=20240709-050124.519000 --mojo-platform-channel-handle=1448 /prefetch:1

Network


Files


C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 96faba593e7856f9ad170da28f76d98c
SHA1 e08a9d9efc4873a400b2c08bbfc77c1b5a68a81e
SHA256 33b6cd6ca0f6b2ebfbfd0f1e04f0db12b6ac1234e60d8229280c66203f74f910
SHA512 18b8dd4f2b55942e814ae637c4f8b0502178d581d616692925148e957bfbe94d982876441ee3387e3e47f6b23feb70b66731757a4b007eceb8117a07221dc984

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7b37382eaef4db7032c061a582570bf1
SHA1 182cb2bda2395f48b2acc47586ef38961b3ff393
SHA256 4e2a2f0a2c80eb7a6560ba24f086f4bbf6abead24e07f1e1d86b91ceb359605d
SHA512 c307cce843114cbbd732e5c9cc3c670d597bbd68f04d2e13afd9a84a852c08a34c36c3f3a8d6a931954e6c234b08adffc48b6fe06701df428d498b9592319716

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9cf4173afd96e3b6553a2f752c5ffe53
SHA1 89dd2edcf74c9958942768ef8fa06cf75f176fb4
SHA256 bec2554689440d7d1e6de1d17b8c770af771201fe89e67083c38b18ac279de3d
SHA512 24976c2a23e123af81d5c86c62ff7d06966bff93bee142dc7b236a81d392865a2eb75796040c4925b042fad354fa8d29b531142f685a1d126ee76fcf2af6a441

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 4e547f0ce4ab9df32be24d65b0394030
SHA1 01f79cc90abd1cce6c5c9efe391258a58eacfb9b
SHA256 7b105083c1361bbe6e0883ab49c5f8c7e175c4b30618963d6c6d62f8e7d6fd2c
SHA512 2a523908ef1508d9a55d2769b2cc8530691eff770c646088b07e358d336df98d33d0ff783294fbc8d5662a8774e15775e8516801e0976ed2ddad9fa91312e02c

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8587fc14523a80d80f2c67192e19b089
SHA1 dcf96fbd69477936cd802b3f824f4afb3215ace9
SHA256 8769a52403637f94b618c1f80a140d7732f9253042458e45cb1c9ffed16c40a5
SHA512 42f0674f0e1f4c3d352570aaece6866a17fea8838225fc41bd66db40442f3ae7b54a14e5d3f5a0eca36cfc3b3e112cdc6fdc8cfbf9bf09619001235a4310cacd

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

MD5 8597220c79a8633c73eef5ba7509dab7
SHA1 d39a23be477d56556c3ebfffe139f0a9ababbfce
SHA256 786ab8cefaa846e6c8c6a1698fb25ead95c712927f3d136790b439e450d1396c
SHA512 ff5595ca6dd1a9c405813db7e27d9b48508ba9ecbd42ae6010b0f1372bea78ce1815c9ab7adda143532fd40cbb93b524752c666bef6be833e16cc166b6da1c5f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0cb0e6b432556f133a8e9d3c3c087425
SHA1 8223ef82ea4ce477d5745209fd14099b6d0688bd
SHA256 e5701d15b6227186b45fe24968b6a0e2c8ce6c956e32b7a98b9bd979e04f4621
SHA512 4dd60b7dc985b8ada1ab4084e01fb078955b130299463804e58f5ec6fad6d2c7104235e2c5be56772a426bd9e59f887d3f896508341c553085e9b220dc4a5df7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 22165d25553acc0364fb45562732efe7
SHA1 6808a65736d726a644df852392567a848b78b60e
SHA256 a77545774709b805ed279fb3e042804f08b121db4d819356a6eb1a6644d2fc58
SHA512 7433e1c39cae07c093281353897d53604fcd4a8c813d95fa38f9acb29b1445eed7c14e12cf5af10c8a54b5b91c1d490b61d17a7efac319a3692cbab335a75218

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f797542dbbd9945a9e4030176f668788
SHA1 7621bd3840bdb0a1ca9112b8e6930c94080e5e82
SHA256 ba67ee5332250efb7ef99df487a6e4f56b97175fd02502904ca95d93dedb17f6
SHA512 071342a97591b640624bcf9d3b21bedfcc828a2b9cdaca43ab7697c0d916e99dc7c0dbfeb8b9d363c6847d60b50bcacb451d105119547b7036f5043f5383d814

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 8191010678748e175e052b87e44afa60
SHA1 2365ff6780e02e48e609e99f4c8f5202a7a27943
SHA256 31059d1ada93051fdcfb34175e417c81be18ad8172b605804e20093f8c5bfaf0
SHA512 c192a09919d3b4347ecf648d353f34b4ce46fdc76233b57f9d90450e9ea6c1c4c8b27ab7fc1b23adc7d91d492c25a6751db06d6558887bb36fea3b5ac22e2eba

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fdfe858eb00eec315eb7e21e82599fd1
SHA1 6a795fc8886e2e79dc8c6e11fb5f6b64618b8580
SHA256 3864d8f0dd21c7fb1c506cc36dd178986c72d960bbcd7879376149544523b15c
SHA512 9b10812ea4853bfc9511229ee2d9615be99ce0dcd6051dac21038dcc11db7b5dbf26ac71bea1a24a121addb9570bc85a94ca87ff9bf2df63030ca76f8722d0fc

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 24175602b655170911dfa9b5b6b53faa
SHA1 2b664f61fb62e03fc1bf00093a44343b7851d109
SHA256 dc1216854f382cba082b397c9688be17777ad8bcac799752526246408b59ecbd
SHA512 1b9d5f8dd6b92bd230946bb87a57ef4918bca6ce756af134ebff4abc49773dcbca5721ce63207994f5ff0afdd598fac1fc50711ab7c703cfa806b8ccb47f12f9

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Tabs_13365982908964876

MD5 a4803efb898d4cf7f130dbaf95074dae
SHA1 2fa5cd8c553ff5ca87725c743371fffdaa9345e2
SHA256 3927bdd5826c4c3930a4367a7fbba084631a4894ea29b3d508ee237f893e8d9d
SHA512 ad267c672e69aa5a764587ff1dd26088fcf0fef83a380b4580e5ad5ba85bf4c7fef80eeb3d64683bc70a6dbdb3fc0f60bb7ae4c03a0fbfbd6241c96c26026607

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\b829e106-6d4c-41ae-a503-a19df9d647c8.tmp

MD5 5058f1af8388633f609cadb75a75dc9d
SHA1 3a52ce780950d4d969792a2559cd519d7ee8c727
SHA256 cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8
SHA512 0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

MD5 67d8c490b0f0bb0da4549cffd810c795
SHA1 1a05abc3c072ebb1361d93ccab286461d5c027ea
SHA256 6b9a5d6221c065f4dc32d4a2cc238dd76ea8fc9aaa49097beebfcd1c4bbd7898
SHA512 7048d5392d2d791df820c4e53ed78e36993f98d864c3983c872d6814e6998253f729c8b5802590bfa6a10a5781a284a581264bf554e33a1d2b7387a1e59ee1bf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

MD5 b29bcf9cd0e55f93000b4bb265a9810b
SHA1 e662b8c98bd5eced29495dbe2a8f1930e3f714b8
SHA256 f53ab2877a33ef4dbde62f23f0cbfb572924a80a3921f47fc080d680107064b4
SHA512 e15f515e4177d38d6bb83a939a0a8f901ce64dffe45e635063161497d527fbddaf2b1261195fde90b72b4c3e64ac0a0500003faceffcc749471733c9e83eb011

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

MD5 4806f34d935ff9e925d7400cd1ca22c9
SHA1 c0ec344d822abcea6e419d2a8d794e65b4492900
SHA256 8684b982684405843386fff3a7d44a9742361209d3a0773d59f3f5b1d301be24
SHA512 acf05a2a210f6e4bb6b5dc02916eab70a36867269bd5463a40891497856bbf53ec7f5c7a52739a3d31f8c7050b929f43aef986e47111189672901ab45a35b00b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 230619418d20e8cc77646ed54de1826e
SHA1 981512e865c2a310affdf34e45e728b48530dc6d
SHA256 48bcff5c9cef8877f335b5468d8f8669c9a925cd050df7037769b8f14f0cd293
SHA512 cc617f1a7b03f4b4f9e2e4c71fa5ec4aca5554a416990574a60f70c358c838f219ae59582d7332d3a8a6975be392ea499f5ac95f6ad4d2147579f50469d7a408

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\LOG

MD5 03fff65cb4e079cf3726f47c9fce2c2c
SHA1 be489fae2a20338311392a24fd8ebb3cedd903cc
SHA256 834c35810cade95dcdae08c3f7e39d978b67f18054ea825635a7731439a54122
SHA512 dc8aed0b102bf908a5df381b4166365ebd9e733fc23a0e91aaf0a7a31b0e8b6611e8a1d5dff44565daba40ddf458c44cd314b003515bcc3b9418c50080e49cb4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Session Storage\000003.log

MD5 fa1af62bdaf3c63591454d2631d5dd6d
SHA1 14fc1fc51a9b7ccab8f04c45d84442ed02eb9466
SHA256 00dd3c8077c2cca17ea9b94804490326ae6f43e6070d06b1516dfd5c4736d94d
SHA512 2c3184f563b9a9bff088114f0547f204ee1e0b864115366c86506215f42d7dbf161bc2534ccaee783e62cc01105edffc5f5dabf229da5ebd839c96af1d45de77

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

MD5 d8ad7636528c46c963d4def132165205
SHA1 4cf15c98afb12242d0ba8d871ed2875c348e23de
SHA256 744ffae36ed292353c921fdae3b6ca8b397edde71bddc9d95d034283c735019d
SHA512 90739cfb5ec04a44cc6c6875d8a30f4db16abca66c19e05692c732e960c0dcebdd9c7f1a1787286d2f2e18423638a31c9ec3e6a815361a0d3a34b23df05aa59f

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\000003.log

MD5 0407b455f23e3655661ba46a574cfca4
SHA1 855cb7cc8eac30458b4207614d046cb09ee3a591
SHA256 ab5c71347d95f319781df230012713c7819ac0d69373e8c9a7302cae3f9a04b7
SHA512 3020f7c87dc5201589fa43e03b1591ed8beb64523b37eb3736557f3ab7d654980fb42284115a69d91de44204cefab751b60466c0ef677608467de43d41bfb939

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\000003.log

MD5 cbc17bb48b28c8d0752a359e46e926d6
SHA1 c9b5abde39d0eb13d64225faf38e43c6dcf7f542
SHA256 5cb50a22d12ce65995c55f6a490ae995ac850cbf8caac58540f01ce8db40c19b
SHA512 f1cb51a1ca1ab0d19633ef07879e5f58dc1394168c3003bcdbedbc5968a9bd45e53cfc48a35951dbc9b15e62c40f64e5cde8add60784e70d17d5d5acc059e89b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\LOG

MD5 44ce0ad70eb225a3e8936743f57006e7
SHA1 d409814d86215573a434960134079968514c866c
SHA256 6c96f8d8fac734366799350060e48a10172c6dfbdb15c1ad4e87d450a897df54
SHA512 dc995342472e510dc0002851b0ab913a3ca4bf20a2761811b38c623629cefd9bba272581bd45d2b2663803ba8e9fd8df982c965ca32d3b616df5edfe03009373

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\load_statistics.db

MD5 f2f54d9534ff9e3522cf23f2672a7b58
SHA1 e6de2cc2b4ecd92b9b9440ec0873458d49d83bf6
SHA256 880ec2f0516875570b843a78658c31f31477fcd2c7750091c44db1c684e1c40f
SHA512 3246ee6cea5e8fa730b54152c9ead873e98427c0fdbc5ca5048015f36cd9888628f8de5c1dc0461dd3ccf0ecf00ddc89235b196a60337b3e71909d937b549404

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History Provider Cache

MD5 2293281606c6a610f580d465ec2a63e4
SHA1 df87b62bad98e814b9452004d4594e315b911c4d
SHA256 d02090e524dd5a781121e7c6c85556345bc5191201db472df1457e4d73bf2601
SHA512 651226db37be0f3cd74ed58e020ccb98529daa4cc0550e73f34e6cae883be58a9b30d2d4e4a3dfc1598a380517147dbe8d979d1fd3c08f60b9153ced31098bef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Visited Links

MD5 74ffbef8c0206dc6028b1a9c595597ec
SHA1 c7e7d2bc8209fc26741e1c3a24333c4de0366fac
SHA256 b19c4f36c1edd8eb6c2b7e40038d8fb31620bdc244480d92a6883fdac62769bf
SHA512 47475bba519d358d02bab46f60460a4a6efc9bf164a737281f47667ab0a0f65f94efa601350076434cc6c1e64078d66fceb7f78279b6ffc11f67839b539d2b04

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History

MD5 c7c8c1e4d23c0bb462a356517e308553
SHA1 7ae76e11e61c97a98add0c7d13ead6cc66f06fa8
SHA256 fdad62d00677be39113578f06e3cd1d2cc83bbca737fd535bdb9b02ec8e22be8
SHA512 e62c3040a8e186a5314a0020bbec3ade2feb1a6b271018ea12375b64c2cb0f670ad5daab6a463b7fe19339e8a257fa38e1010273128af3afd05a916b3a7b402b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\shared_proto_db\metadata\LOG

MD5 d83022fee79c825a4807ef61474f83e0
SHA1 834898c25ded374409cbcfc65c432a599bc03d26
SHA256 fffb66af60548a0a6a4ae9a79b0c638a68233ff4ce60c4af96d2bdc792c870d2
SHA512 67dd18569a40f39aa6427401d54100b88c03de594e44a4c47abb5eda3a28c8769cdf252b0cf72da07b7464405042997ce3a5b9f48d9f3dd93e2024d8c5db648b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\GPUCache\data_1

MD5 78dc4e435852b6da3cbdde8b055cee8e
SHA1 c8db023392e4b5590776ff5eb5a4f2bd95992bef
SHA256 a9718cd2691984c9b2ca6717261fc8b0e0eac33c7e225dff87105cff5a356256
SHA512 1bd900e55813fcdfeaaf4bafc981e4ca698678366f759ff97fb5fef8291881a26bae57137fcf430fd7d99077ebad2ab4531485cee427156a441188a5aa69003d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 c389147c03004b04e3ace1a6c9c061db
SHA1 da2ec9fb4f5f8d0f0036e223499a0898fc60199f
SHA256 091ca7fd5aedd2de6b4ed1e81e845ff9c9eba932452e9865f689bbbd3cfd6935
SHA512 80047515e8a1115bb7338b4bf2280cd360910f474a01f4fbc8dacada18276c57a2f1f6f869b39ca86f43eb0b5251bf060789af8d81c42d33fb00569e83c20787

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\History-journal

MD5 5db5c544ff18a3a7037e5528464b7368
SHA1 fb70df872b5fa44448b1d7c1ed43f1f4f3f801ea
SHA256 43d09c8372f91c291428beb31ca9b6df55d529dae1534f6540767176e1e7db6e
SHA512 6ec4cb5edea434caf110d275fe7c0cebdd0c0dadbf0679ee26c7a38a4a74eb13f543db3bb18709eb3d83ce2a60ffcc72ddd0eb3f93ea7f1f109edc1031342cb3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_3

MD5 66589611c9dfb731a322ae007fe50f2c
SHA1 7a77fe4cddf5e599aa1836b7f4e9491acf77aae9
SHA256 60e51a4c4d234bd2f090a24ab9bb34b851c144259789291bac6228fd371d7225
SHA512 21627a531aa3f283a87fe5befb3239130002fcba9dbeb4aa978e2e20a4e73502c5fccfdb93d93f660263007b8955d3a503910a21254eebe89ea3c4e800c2806e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_1

MD5 9d98b9321d1d6edb261eb63668b613dc
SHA1 dd0bc460f4fa8027d390e1b6aa884e005e6f4078
SHA256 8a938c00ab09dac7dfdece124a09c0af81dff2ed55c8c4cf8a937e9ee7f5cc8d
SHA512 f873a6136671f8f55ae594988a498884ccce2450b0f0ddf4fe99315d070960cc052a0c3cb8dc1f381b5c606c4adeebaa7c28e365ff39ccc87c514f91fd19015e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_1

MD5 05ebd93b1089ea2d1dc6d4c9fc8efbfd
SHA1 731bf4e9eacc1fdb0f88e2dc158fe713bc329302
SHA256 f07d64e0ab61aa7ad0e7376a945fcf52e7e3c3709136fab8990a24b8aaa1a001
SHA512 5ccb7eb69d789dc3328e7f1d4219d75e300136ef981eaa314a7a7b69608a679ee1804af12dddab17e86cbb09da8e93242175748b82362bc26cbe8aa048c715f4

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Cache\data_0

MD5 07423770268a0358ca89f3f7fc715955
SHA1 b142f3d764b8afa3c76d74255fdd6434c1734118
SHA256 b71a5c5726c4317ff00e1b12a4f12d833d0fce67f57d0a1140d3afc916aa4f2b
SHA512 0e4511cbe9ce0a3f60102455d3aed68db105dff38664036027204a7aebc7c63c10177fec04b1709f2ca9811a27d699fec152495a94828b5edf36e22d0735953e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\GrShaderCache\GPUCache\data_0

MD5 78ae6d651cbb3b7f4629a9d7c680f53d
SHA1 5e500653f3a606d1bc458a158720521dd7f535fd
SHA256 cce767726c4b9f7bed21dcc4b006adcce578f5a743aa54eb3bccbb3225f1bc44
SHA512 7022b2acc46f4f3eed789fbf07b03709d3a70dd0d06f160b0e6e4c888841474d92338eb000e7a13013501e3a8d398e04156c04fc48d45391863eb5a7c860a505

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Extension State\LOG

MD5 bc5f3cbd4cdb410010e3c76f09826c4f
SHA1 4e24b99993e07cf05edaeaa2e494626055112136
SHA256 45854b8c7523c173df7ca781c984bb2d30b78163f18095475c43c51c89a98519
SHA512 923954ef8c5e3e88c3ec6bfe28dc0458f1860eb641cad9ef6147474ae8c9133bc640da92df53e57265d4c01e72a96d93cb0c1898af5060804c28644dcf10835e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sessions\Session_13365982908879876

MD5 3d087ec2edef9d8c1e8f01e86d550260
SHA1 3b1f527d646404d20ef64e2852fdc57e7d3022bd
SHA256 fc2c47b38165de167ddfcc8f11b283fc13cfcf097decb88c415755bcbdf31d03
SHA512 ada8e0372b7197d7e6d3512f94ebd14dc32021ee10c039d69dfc3e0d0e8145991250840ce0f28c70814f3996c8904e63ae865d2bf754a62ec4e8920717b1044b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 aa70407510e4a4c1e09492e6d303f817
SHA1 81433b1a11b48542acfcb47d51cf2fe12c3efc63
SHA256 5f3deb398fa29ca9ed549d866e2008c7fa68c1bb7fcb77416ca4181876c6495c
SHA512 377c7a8ebf2d2a6bb3911a940b7da041261a399dd0e38d8974b62fb45edac62663e860e5444302449058171effa3b9221271a7b45c1a3c9d6faa6763afcb4fef

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\edge_shutdown_ms.txt

MD5 b2f8d345a14b6c044e55d13c97d9a66e
SHA1 0b5ecfbdde883100c80327fdcbb530c721ec45f7
SHA256 ccb49cd2237dda16950261beca5f98bd31a10d4e7909131045890ef2f522f8f1
SHA512 c95a1b7eb05bc3c7828fadc4b7ff4a52964389413dfaf70105ef9ea32f1b7e00685eaa60dff87f740233141463dfc1ca9ab3a422e86e4147f3940a43fe1a1d2b

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\PreferredApps

MD5 2b432fef211c69c745aca86de4f8e4ab
SHA1 4b92da8d4c0188cf2409500adcd2200444a82fcc
SHA256 42b55d126d1e640b1ed7a6bdcb9a46c81df461fa7e131f4f8c7108c2c61c14de
SHA512 948502de4dc89a7e9d2e1660451fcd0f44fd3816072924a44f145d821d0363233cc92a377dba3a0a9f849e3c17b1893070025c369c8120083a622d025fe1eacf

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\heavy_ad_intervention_opt_out.db

MD5 9a8e0fb6cf4941534771c38bb54a76be
SHA1 92d45ac2cc921f6733e68b454dc171426ec43c1c
SHA256 9ee9211a57c3f6fa211fe0323fa8cd521e7cbffcd8ff0896645a45795dc472be
SHA512 12ed22537dcc79d53f6c7d39e92a38f8fea076d793198928f5b7a5dd1234d50a3c0b4815632f3fadf8bc4ef0499773d22bd83f961d2d0ffd8afacf471bd3a5ae

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 6752a1d65b201c13b62ea44016eb221f
SHA1 58ecf154d01a62233ed7fb494ace3c3d4ffce08b
SHA256 0861415cada612ea5834d56e2cf1055d3e63979b69eb71d32ae9ae394d8306cd
SHA512 9cfd838d3fb570b44fc3461623ab2296123404c6c8f576b0de0aabd9a6020840d4c9125eb679ed384170dbcaac2fa30dc7fa9ee5b77d6df7c344a0aa030e0389

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 e449f1ec48d8a026febf95d210d996f7
SHA1 b227461ee49e4f654340e3158befca7d9f96b848
SHA256 c08ab41f524126e7a174749b44166bb270700c6606b9d9fcff5d23b8d61e9e92
SHA512 8d085106d82d6f418297b26d62f0d86ee123c174b8526703ddf8c1849890f4847303ac4c3742f4a49db20c51247b14c3060ea0b8f58bc3ae7b3cd51988c5d13b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6830220bc091beabd15d370f463e8162
SHA1 54adeb6ade21e2ea51bfe3ae81575b3d2fb53348
SHA256 718364926648afc07c3dee5e80e67176cd956e5785306734890ecf419efa2ad7
SHA512 6ab3271c8d40395d1c3ea2943f246bd32f49b2222e39a4815f484b24043f302ff618a1d21a2edf43ddfa84b433cde7e2819ff4b6ae8c2279e6143779040bf4f3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fc9c559b67acbd7452e253917778c653
SHA1 39bce227bd27babc226d0626874da0eeb41bb6e2
SHA256 2d32800aa170f25a326a82f71e6a7eba588391b77df23b6f7e67dcf5d0182d3c
SHA512 4e576c021a371ddb85ed09b7abc5f27ae112f7e08327196fbc1267648d6e3ccb4ffaf277c7afcf2b4e0ef8839df9e2db11fd6d73323ccf91b51ad0b26400dc0e

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 304b96b34f433d19837bd34af228b218
SHA1 cccfbb5ccf0c9d6428f113dcbf7b1ff662187a8e
SHA256 281c86cefa14bcc924abcd9d98a39b9ddf0d4aa44d785b90508b28f7ad5a60ce
SHA512 3f4c1ec8f427e475fb713fbf3fb37d49b9c50c33eb9959008d2d1c27449f5dc9efedb30b7604ea1ec1ae272ea81a159c0d5132e8b700c738609b88011dba02b8

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 28874114ea07485000460f35d9c6ab53
SHA1 6658fea0c0fc5b4adbfb9b9c2f1deae9e7ca59ab
SHA256 0c7dd3015cdee4b247e1924cc10d9c282203789380ae8938613ed75469f2c4cb
SHA512 789c6e3be3ca4a210ae801395ad540f261a549201114f042c624e5e50f066e54d83be6ea73bf08a4c54e70fc44af0505ba859d33c8845f28c9e600ff90fd451a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 c3dcbdaa937a5ad2316f9a25f9fc891f
SHA1 2eaadc3ce70e3d83453c89be54ef3a532f3224b6
SHA256 3a6beba6953ab588761e14832a55b3d4075b3bfb818a7d6f22a78e3e56730432
SHA512 4591340d043ce175cb06902a487e92191a5d15c8a80dddf0991e1eecde2f5265239f75f3e12f9a0f50d0233c16d68e83be1613392c96a060863e3c52e82f94a9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6a024a93ab6ef97e549474ae4dfddf8a
SHA1 0fa5c86d8d0442d41153ecf253d1693a45fe4dab
SHA256 7d9547a8bf93169007cd09ea46e71907d07ecae10c34ed459d827d5f25e13cdb
SHA512 4e97d10937fc92f9884272a5481de4503aa1679f7e9dc1221ef8176494852d5412d3b5773a5272626caf28460b8994dc4465452077868a79167a76da37a59da1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5c528628dee6735110adda7d620763e8
SHA1 558233d707c05c930ae371b9d274e9d8018d7a46
SHA256 ed2672d230b35b94f2d46bbc749a1e72c39f5b2c64a8ffb6e47464bbbb034120
SHA512 ed614bf508bb30efcad6dce440f214efd9c22ec2624b237a4c99d5c2e9a7ed476fc69c9972e1f72cd4779badad61b5fa99278e5a5f9160489445adb64714d5ab

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2ab3cc8e4b7026f8c57698416f83f1e1
SHA1 bffc070200b4091234e66949f172619add296f4c
SHA256 e89ed14eb1f95fd4f83784bd24c5e6c61372236022e8234838671b0116da03e1
SHA512 6966647786d38b13f9943bc98bea1caa98513fa65967dd530461217f1d6b7a95e56e269f3816009e6766b9086f70ad693754ace5da08062fa4bed1cbc2e7fe4b

C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

MD5 b30d3becc8731792523d599d949e63f5
SHA1 19350257e42d7aee17fb3bf139a9d3adb330fad4
SHA256 b1b77e96279ead2b460de3de70e2ea4f5ad1b853598a4e27a5caf3f1a32cc4f3
SHA512 523f54895fb07f62b9a5f72c8b62e83d4d9506bda57b183818615f6eb7286e3b9c5a50409bc5c5164867c3ccdeae88aa395ecca6bc7e36d991552f857510792e

C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

MD5 752a1f26b18748311b691c7d8fc20633
SHA1 c1f8e83eebc1cc1e9b88c773338eb09ff82ab862
SHA256 111dac2948e4cecb10b0d2e10d8afaa663d78d643826b592d6414a1fd77cc131
SHA512 a2f5f262faf2c3e9756da94b2c47787ce3a9391b5bd53581578aa9a764449e114836704d6dec4aadc097fed4c818831baa11affa1eb25be2bfad9349bb090fe5

C:\Users\Admin\AppData\LocalLow\Adobe\Acrobat\DC\ReaderMessages

MD5 2a44b4ac525bb51776ca6f888596f491
SHA1 2f0eedc9f575d91f5628cf7370aca47434dd7e6c
SHA256 1768e06da969153f78b82ea4cc556e26bbf7ea75afead6ef0da85ab1b0ae424d
SHA512 b374f39e8e569a8afd84b34e964a89fb5ae105a299f90fd0ba3ff7c19161a56aa6eacceb7c7b192e98e181df831113d456a1d9349b4428c243d46e3960b2e143

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 db06e2cf321034ee7826362583e17dd1
SHA1 f8fd498c8bb4f3266c7c5b66d0907e89991c7d00
SHA256 e5a2956a1452f224b611349fedc7fc2c38df1ffc108d8c0af6e2fc5b2d50f5cf
SHA512 57b35f6c50a764245eb173aa54a99a73be881ec339edb1e149b07a760d6f1b78776f40c6f9684294b0463fb0664c94c1e2cfee5337325fe283203cc08aa260b3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 83355442cf05e28a54917b703855e1fa
SHA1 6196a815592b7220ab11c3398e23a0d7122048ef
SHA256 0d9e97d19e95a34ebeafdc95ef55e7a03dea3925adf96d9bf842e1389361d0ad
SHA512 6bc877d390e93995c77bc000bfd9f30d86c402f49f3622246396bd88f3106082b3bba095aaad82747db38391ded0a3993811776d7cabd985846ee7aba0aea7b4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cf680d006a2f77ee126dfdb4f57d5db6
SHA1 cf950760305890fe723bad9a76e5c480ba12f153
SHA256 ae96ac86540d4e5a7d407d03980c1bb3b6888999c1eabd620e2d32a8a6d25335
SHA512 054c9125951e1fc60decea614f702aab756219b7ff50e84d66685b232535eb50fd4f822be773cba6bb280124a1272edc2d0f5ded0561adcd0a78cfd5ba45dec4

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ef02ecc6bda79624d8a96fd55976b08
SHA1 f2bdfa2ad127fb5bda3fede4e2b9c4dcb361f3e6
SHA256 a920531555e5fde03ab4321107b1d8491aa0ae6f3e3a0ff3d87d2e2a2133f751
SHA512 53914daf27391a5a4ddac9fc4aa32a738f25a5a6e805dbf427fa10d234a29c3d213c2841fd4e7b6835ec393af287aaabf71521cd768086d0dff5fde77f460d45

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 c82925df77e7d5b07d984a61ced44ec6
SHA1 ccc88527a66dd8af23e289a9a233aaee3e2102aa
SHA256 a57bcb731f468a8097fa229a36d1ffb82bc30bd6da0a3261a1b5ae84992a7141
SHA512 3a82fee2ac96378c2d037aa8afed40563a8045d6778216848cf1480e94a5aee0272237c66e8906b118fe9b25289d4e1fe98a02315a811cff499c76bb5055bbd5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4ff6a38fab0557e1d612d105d1be3802
SHA1 6242b1844f66b2467912dd890a4dcf69fc0c732f
SHA256 c54286d7f17107b3b29ba07feb6590823918a3de6865180bb359b4481237057d
SHA512 6362d23f87fd206cc1ac56d55d01666388d2d2e698e2c46d6b72a6bf41a56940205d1f09ee3904cee3ffbf3d1abe7d1fc3d02fadf6b125a50d0bf109d268d0fb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0bdc2b4d3716920c348cf13c6c9bff46
SHA1 ef4ab867a92e39986f953aabbcbd3b0a526022df
SHA256 a92d5fff192829114e042bec395228c52a90cd80b875f17425a270aa20c8a1e3
SHA512 1fdd0a8843cdb5a2e6f9d78e023dfc6d5a0b28c75868b787e6ea38eafa562060e0ec4571750cc55076cc59840e4f6444ed1b85bc95d9310649bb54a03f24eaea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 09f279ef8a75a3b69348d4fc749bb8f6
SHA1 f0255acc255069b7c650707a3d307fb6988e3481
SHA256 a9d742526614af5bb6a01e20f5205134905f719175a26a737d0967f1534b2049
SHA512 2f501a26d1a91cde40679841dcc87ebc821dd30a1bdecce20488a5ebaee6a00aba2a9aac1235a3a88ec632b35cfcc3e9e8166ee096d5f05605069bb16356fa75

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

MD5 9fb540de124365e8877a303c7c2228b0
SHA1 ac9e12c2e91e3f748c0222d19e5d78d4dc493d25
SHA256 32b94869dd338c2b31bbb0cda9e811ea07cb5cd17bacb5fce42f6612759aa12b
SHA512 b5240042cd0b3fb0005223627a2704e97746b38d4bcf9b3bfe24cedf8036c19bcfc557fbaa74edc1ad6820c4f0bde6274c2c5ab42ab585713cbb3c3b67d6318a

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 2cc3bd5c01d0d1f8a953b8b0a9c583d3
SHA1 07940c0fa1c63da80deac70e34c460e7008cadc5
SHA256 283ab9e0597dd0b36adc659c80c20465c41c98c0af6e2df3e9a96e4ca5ad93f6
SHA512 d32fa73ccae5679c2f8373e59b11f0b73efbf6f7083537db823cf87ec49158a641d79bf6a792c2bae343fc758c5c915409485a60af281d4a660d51b6df1caaea

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\data_reduction_proxy_leveldb\CURRENT

MD5 aefd77f47fb84fae5ea194496b44c67a
SHA1 dcfbb6a5b8d05662c4858664f81693bb7f803b82
SHA256 4166bf17b2da789b0d0cc5c74203041d98005f5d4ef88c27e8281e00148cd611
SHA512 b733d502138821948267a8b27401d7c0751e590e1298fda1428e663ccd02f55d0d2446ff4bc265bdcdc61f952d13c01524a5341bc86afc3c2cde1d8589b2e1c3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 4df86584f4c116903278060463b1f86c
SHA1 d0a3a0b047e1284ba449b8a1b42be8d6d3013cc7
SHA256 7ec16ee03971076f04746e80700cf0080e6c3934e4c23a992ea05a909490df3e
SHA512 3b45e6b901415be726178a33213be709c97d810aba181d4b0c28494f9eb36265c272308594d62c4a5a3e9a457ecef4e93c85ff4390f1c681b057f33ba88b9ef3

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 8f9c1537a8341e66b78b289f2cd808bb
SHA1 b65d2256850594139f99cec07ec840cc637cd860
SHA256 49954cadac26c35d62b6e02eaff4f7718f5d1e738697329e84e038da0e48ab5a
SHA512 3ca570768b88ae705c67a6572fb5960638f13efed956c9ce3cf18e3caeadcf17bf1655a5c51b91c80703ebb84e24b33eeda318fafa89bc2332fa3253c8aaf6a6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 4ef7e2c90ffb91658ab6876c35d22f07
SHA1 a6ec495d99417b33b9959ae51aa975c2b1599b76
SHA256 13dfd4850f3ecc50a397cfc9b8d5ceac8716ba34eb14937fc757faa7c310d85f
SHA512 1b447a3759c413bb08659de97c608977ee381bed5bd1d6bbb1f88e383edcd99833caa8889b288e46439f6839e8b32e8d17c9e0acb59e8555b1849cf1daa82056

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce2fdc8a689f370988f57e159a919e75
SHA1 42e7854b96c49485f1eda0510c9a3d7a7e323663
SHA256 a2ae7585eee1820870660a7d4ae4838d3c63cab386d7d5d9a58a89da94bee415
SHA512 11a8cd987c4e25f6fbe6bc87ae25d2b7f1fd2aa9843f4cd6834af6d3f8ca7148b05ac082c3c754cb0bcc6d1061ec28f53653b78c0ed36e37b909d04f3254e0e1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

MD5 a0c69b703da530654e3dea1351531b15
SHA1 589a8448c7ad6f67bff5b1362a2c6d5334acaf6b
SHA256 03f9af7f008438b9c046306d493d44d97b6c02ab67eb732f3469403165102b34
SHA512 6c8e293521acf1294d001e2969c964ebe562ea5b7dde3a4a5dca0ab732a1f30096051f5bb4dd0a9f67a8f33954caf6278c4f14ec9bb257b384e534ca550e43a2

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

MD5 0afa498fef8cadb6c305762c63ca5a38
SHA1 9cac2a8e51122d992f2aeeb063e4c561a792193e
SHA256 7338a71368c0059562f64ad7e3c6ca07c4e116cc4b63fcd972d4853308d74014
SHA512 21d3237357e22d248580cd99ac24e100e9bb57282e3e856634203d1930887b2f1db15b877455141f9ed2b8cf5405677c952ac6734ac2cbfd9920002d4cd5872d

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

MD5 34bd7e52801c0cc4bc0885ee2bce139c
SHA1 fbe6a1dde3c63f368812e72f41f633778a4a09c6
SHA256 855c472f684245c955dfa14efe703f33987bd6ce927b0b2eb0fa7b3154ee43a4
SHA512 aa5d3e3b985cbc34d95f622e60576b5c7f2b230692c848c7ef2785427b348dd51bd85ebf175f7a11a44d18f2d3beba93d132c99dd930b7e67de46f258694ec02

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e9fa63648391d894937e6dfd624415af
SHA1 4796746ac90b33a8d5b13357cf783cb4e903c9bb
SHA256 b75d57741238c696a5132a32fb90c2bf968cc3494d46adddffec3f8efe525deb
SHA512 94734b8d720b5da60b29379958e0d62eadadaf647b15ad2678e7e009073e7f336537c0be098d586890c4d9ee982578e00c5217b70f0bf55ac97938fd217d7751

SHA512 7995c30489e40770541c40fa50853d7014d4305624d9eca151ec36a580eccaecfe43d209a85506bfc0b84ec20e293c803e6398a9355f7e4ac38a87d3e306fb0f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a8bde01d9661791b50f744f7cfca119
SHA1 1bc809cf3f8d3c4c3230b83dd9af7cf7c0e19cd9
SHA256 327dadea4788c1d8ef1c5e87b345a7f5b3b629f61c34e8462970cadcacad4c16
SHA512 a2210effc6e64417178841d58d37291e64fdd4dd9076da79071bcb7f292eb4c1c9abb7a3edb6dd2ec725ad3da95603999b5f36701c159311aef22ea12e5c796a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 3bf5c89ef2b2897a1d478f36f892eccb
SHA1 1290559eb1681a31f5e429d33cba570bec2b12a2
SHA256 0ecc37ef28c7cdad3ef2d401184139cd9409abb515a5f2220a140dfe5c993bc7
SHA512 e319b4aec7b85b8c573ee0dc630e4fa73fb9d338dd781b4a07729b629316ab05efdbc04e2f98b131bdfdbed027f8446d736e20e44e6c622086389ca3a33740f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 590e06c5626cf4b5aac73f7ddcc0de2e
SHA1 6b9b1f8819dd60e55075aec0bba64a1bd7191a5a
SHA256 1c50fa6408588d2bf00d91388c1fde0346f68dc9cfd2232a2105c6a0473df100
SHA512 7909b3b9794afdd76705bddd18bcd7444741c25d5881ae5185a76b71e5aff084e943f836e2e5967effaacdca89cdc0d19913d9e5c7fb9c6ad76a0ae4149d9d2f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 ef80ded08b03531aa7037d447e63d1bc
SHA1 3433cb8cc3ba533eea4454cb154abcb17064ad23
SHA256 5a0d46e7f5e1589d8821f35e8324062c124dc3ddbf9d1095a1dd9a67d6236725
SHA512 701079625640ff07c302194aec7f95d31a1e896fbed4627c5aae501d780432422fc2f2040560346a9c9da2a82f07889f82cebc3cc24ac3473bae47862f84950a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000061

MD5 c594a826934b9505d591d0f7a7df80b7
SHA1 c04b8637e686f71f3fc46a29a86346ba9b04ae18
SHA256 e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610
SHA512 04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c1be59177651ddd458a61088478a2fc
SHA1 50f705f2819fec83e090e977f66ebf4c1b4f7765
SHA256 016a80e748ede44070c169edf591e55931581d10b2da525e299e9919eb5b6b57
SHA512 27df8a3b89004f4f563cf020f350ca72d6475ec34848129cd3dfd94eab2cb9b97b890d2ae7b2ac0085420d091202b79a1b4149fbf89795e16f9d60d2a5216669

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 1879be7a41569bcb838945674dc0a845
SHA1 a2394dc1297effe3a05f2921257532bfdd8c77c8
SHA256 eeaff1f16d53aaeca0d0af47d5dd4099b91a279b2a04beafa1f49a4927e0d100
SHA512 7180d832f8b1841a665f8f9d755649bf685114444b8ef5769b5c5e4e3c4dce8a7d8c1b5d12749524c5387f725a202bac82ef9cac9c91e46d2a2937a9065bfe15

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 039107ef1d2e335eb208b6addd376611
SHA1 6b82c7fec3f337d633992e90ee1c1e6faeec89d7
SHA256 18463a3342f1cf70b127ef1aebe3c954e6700885e9a5e21813afc1f3e1fdf25b
SHA512 f1047ed0b7329b279d16a1607c62273704b2b033c1b4f973afe4c0fe77fdc4d13d3c3cadd33a848e0d8139addf366cf889303335be195bddf724218dfce113d1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 214ec1cbe33636ff6191156d1872bb41
SHA1 fb78ee4c32fd74d717c13419c19f9edb7e98a41a
SHA256 b0451d3100a10c7e6aec1641a77d4b1f4201d28a51364de2f90b3782a140fb73
SHA512 47004c2eab6d1144e37e635e0e685c54807def29eac66f4f1fea05b8940400fe93cce02223a4bda5f16e496a8ce82b5d043c226aaba0cf06943791c6111711f6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3db2c5c9dd72f950676d7430d6b7d806
SHA1 92df458d71b57fd46a64f3d55c78dbbac3c731e5
SHA256 71ec8f1dc6dbefe57f558674e0ba7b0d4dea6ab16c0f478b3d2274bf5994d0a5
SHA512 5b16c424db5b3b2143defd23816f353c7edea790127f2781c5a4d492ffbf373fa41804acffcb787bb4099f38ffb97257ad9f4b549db43900ce2855ed49ac4116

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 4ddc7c5317a598e9eca1316cd1e6e7a6
SHA1 f6768cab16111a56654e510932c5be96cd070b18
SHA256 5808d99439998b3152173b6e13a34c9442dd11637846408c0c69015456fe1aaa
SHA512 cd3290e4c07c6c16a5dc02ca85a175869e46caff4139eacde62a4137ef3a9b2d17483d728e9b2dfc9177627eb8fbe3c557190de72d1f4f65191ec4f079cc4db2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ef18073ce3a0072238d54061ac257ba4
SHA1 9a417d37442e41244a36bba02be842d1c0aa1823
SHA256 8a0cb9c1767a89fbbfde84f7dc9b9bc6db1980abd6d5502270afdbfad015a38a
SHA512 6917d8f9689442d88925db1c71428c7ec2a826f8e3b95a47680d46e8040fc4b1529082726f6b34ad4dddc39b5f401fdfc9dffdd05c8a0ec5799556b5e31dfd35

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 2c1ad4645a6579f03463fa4540ad0120
SHA1 1290f2216fc99515e26ab301857c74429abb4100
SHA256 19f08fdf09312ee74f85a81007a7b20266d928b6ac06f36e16740469f0cbf82f
SHA512 6999cf7fcb881604a83eba531d30043bc3858ad2a5c84d4426c28be38113f61d4f503a6b8e1102a0887e93e1be57359353b8d1755754e4acbefa81cb49ff044b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 8c4ec76b5e4e40896e60617722cba61f
SHA1 9929857f88a9f14ff72f7fd266ba6113a3925850
SHA256 e0a4602d0f108218f9f44e5f42d99bf2fb481bea3a57b4abf4d838a3371086e3
SHA512 950e5dba2062d4960c8d6c9987dd601606062b8942e7911bd9018dddfe027aecd1c65c8ad733453226c8569072e0b3ae80339e2cf9c0fb8c04577bb4d6dd7be8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 996040f3c2ad04e2c8f83bb9720d1a1b
SHA1 df25a5323f30a8d879ce05cfd1d873661e8e8041
SHA256 1a281891c624b98a24ee59faa480e729935685c40a4b729182b43ef53e4c0ef1
SHA512 c9011944091fa5bb10294e8045c6c3cba0f7ca06acaee227d734b7667dd0111ac6c2a3f9acdcf3dda0e174d176ea18044aafba336443a32ada223f41c6bc7736

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 624a0c0db55b3292feb1f210f60e3b59
SHA1 9d1d417918a8212e38cbe6d4eddce850fca32a54
SHA256 a8dd746e38bd94800b6f400cefd0fa9eb0ac28349a8b02d32f1cccdf33d1d4db
SHA512 f4e67c3a7836af1f6b3a994018af671f02941dbc18c9d6e7dcb4ee2e4cb91150c90787d5d35b8e0aa4e135a179de4849a33c2afe55295eef8f9bcd42cf983379

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7234cfe5ab0a9a042d6be26a9695471b
SHA1 5e3c503344c7c3e5fc03be69c4ba97e244b0492f
SHA256 6c9cbfe2533316449645a00237160d6aec7d62aabc0df64684091355c26f1a72
SHA512 3edf71b72784d27db06f26a2869abf835e95a0010529a3835ccb6c113af78ce4cce87f75f00b5539c5717622bf1d92324b9f752b724d123a51ba0abcb90a3320

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 8a4e19a5e52f9d9d6d7af40754a00d30
SHA1 4b188d18679821afb585e04bd6148020c294b8e7
SHA256 b5151504a7e12e0ee39de0948c0be998311079ada98295f9305e1fc3138fbf37
SHA512 19e3c529d221b5ac8165fa6573383732e241aa4cfa3a6f79172c9593ec42474aa20b77e91f8b5cd61955707adbb2d23acce24759c50903b291ce109b88edeb01

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 91c04eccc2c0cb596d54722f40eb6e58
SHA1 597ae105c285ef5092120e09d225ad1447ac1ac8
SHA256 04388e8f0ad655fefc90e133dae62eb3e8ef3eaa70291de06c91063e683f3835
SHA512 2b147bc984cccdfe5931b14ed8eda5930bbd1b12ab4ea42add8f9e6e9d73f94bf3da7c6e0c975aa62ebae2051271b62d6c17edc39003106fd962543c5939e6f5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 5263804c098ad9ccb331b26e92c5c700
SHA1 0aaa5a24433ae796e2dde0188a30216556b4ab86
SHA256 3cc75f747488cdd05850b3a118978f7c25a640e0e30c6ecf8cd7879b7251941b
SHA512 a7e2de488703d1530b90c749a43176f69f0b5d36e963b74225620b258cb3bbe1c1cbaabb9e58f2f3fc83e33781ee712ce93062ee2ee0489d65f95fbc9823244a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 556d7733368e420d371fe45b5f0282bb
SHA1 55d82480fbe4dece9fa0e88b351ac6e591ce6001
SHA256 b8d79b1c0f7fe7d20cc03efde01b4cbb754ff67f3c477b10dca199315900be36
SHA512 4166a3587693e3d2b63c0ea93215cced2926df601833270f0a11c66a1b262365559a1c97e9af9fe4f74682b405b0518eaf840d535c39cca6bd5eebf4219e2888

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 98f951c2ea076735c5c89faaaeaa24a4
SHA1 96b86b3f2eebc97d14d720b0179bcd78de022802
SHA256 6505811ac4b37e5f002001ff2245c209e608c25fb242a529a9a7ac66a4096123
SHA512 7cb43954d102568b7f161988493c7efde11a55daab763a8b24d9e918ab6a3d3c99b646b46c6292feac02ed45c0481006f9d13053da4187ff23576d9e88f6334b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 162161ed8c56bce40de62627850db550
SHA1 b4588b3e5c91528dc541d1c5947e874e7e4ce0fc
SHA256 f83e60fc3e76af7583e65fce4017fadbb18c75dca7b9f10440451595ffcef68e
SHA512 0286362aeebe2f6d08d8f2d8f1fb4beaab69254fd44269e7c1f3344ab09590da22c1e77d9e59941719415e2ca5ef4e2c9955f6d8224376bb018f9ca1c9fae45e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 82f6c56448efa1f0b2ec825db0319873
SHA1 b8b8e6ce8eac887447122fafc820348546f67422
SHA256 ec816f7358ad1e4b3bcf9cf727258e0437c5d0899327609106d4716a2a4d49a5
SHA512 4cf63194c5a4d787e2340fbcaa517ba6fcb798f148badd2382e911303427d7a85426f03b00130ace8752bbab7b437192974c4eb7f4d0b0e6f5d7ed1d09949769

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 6acbdc6746aeabf364917c9dcc8bb5f4
SHA1 5f14ec0001456eada5f12a172d027eb049b73448
SHA256 b5e0644aae33da0e3e10e3e852b282f04ae249cf79df920e0cab87ddad2c2224
SHA512 4610a42000733fec79cc3468dd4fc80dd169bddc8be9008ef893d2e805388bd2748aca1cd69fd832a86c7f57836eca19aff9b59e4beaea6987e7079a7aec0af1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3a1022bf9d666190c5237b59ea86e11c
SHA1 88224c9d47740d76c9c4418b7b263fbc67c077e6
SHA256 96e6dda9c5ca011e48a753aaa6077ceb5b6af6cf1c9743d343dc0d0605cf57a4
SHA512 c43e9737dcbc8b6367a35d736bb739a41155b1e15d469580fe7fac2d089d7cce07f8346681bb0cfa0049ec6a00e3b1f941d9a828121a7e97ecce8cba0287e746

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a191b21dacde4182e16c438e6b24bfa0
SHA1 4f65d6a358c463f55ec2d24b33c44825150e62bd
SHA256 45d39bbfdea2df2ecc4354e83beffae94b6e53da89a6a4753d1f85792c30142c
SHA512 be980975d2b740c56f7f4b22507c760ebfb6be59fc2ad6ba7cefacb7c862a7f253bbd25f2bd3d9d607000336a027ad394f70b424dabcfdb4bc10f354c3201abc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 43b96c09e4e3fddaae7c4df034b1d54a
SHA1 e6f3de61769369cde4002b3da7d61fb1af02ccbf
SHA256 c3e9c7055ebde5e989fc679a0f7ab8146f11e6222265cf35e7b25152818350f3
SHA512 df5df092ec51479838ff33af22ea9644e79d7144222e67c44c91af8db4a889d5a1ab36ce544216027fc5e1791ab022888a9bd3d880aa8957f592fc64f9028e72

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 87f270a75e112fe20de5ba40995445f6
SHA1 3dde3a14acba1286437ffb911be96b0cfdd60bf4
SHA256 c41f5cebcd3fbebca8af591a1c7226e915068d312d3f69e2b0617bcb70eaca41
SHA512 90a7751f95a86db87e5fbb0238b540b166edfb48cb7d9c4916621e1f09ff124d39c0dd04581530a8cee4ce9303cc2920a3044c6d5ac50cb93d1d7bb2c79dbb7b

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 bb4e513e858f38983282a3b63e956f00
SHA1 846f8e40457a76023b9a9cee6d93329a54614649
SHA256 5319620afa5f5478635f5712cc5f4f8485877ed7098ee0837827e096e9319f55
SHA512 2d6396b456fef88f7a6446166880b1172e7f59e56f2a65cbf35cbb213740ff6d10604e907de3b7a125936730568fb6a7b931e03191a86e9f60f306c6e7a70300

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 05ae233a3e85cb866066e3ef40a05194
SHA1 014c47259b873d07288f4fbac9430463c1120fe1
SHA256 069e6c4b418020958e44a8603c993ef8ed783ede4f0e449bf65a3ff391701d44
SHA512 b952f40c54375aac7823d802abb711e2c76b64197b7bec0ed7faefc68359ea57383366c29b5e6dcd775da0530f9ac7092bf9e2c43794e1726196c58c118da76e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7e81a188439cadaf57d013b077ac751c
SHA1 9a6f480f9fabaa47b568ead5d07332a005fb4998
SHA256 5cc729354047bc2aa7630edc8e16101551161da500252f79e37ee825e3d5d067
SHA512 2b2e9ae1b5d41f9f6841427e4415442adebfca5788cb56499d1d57b4092b9506408497f617bf9513acfdd340bf85ebcebfb903ea7e1e95e864f39d007c2d32c8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 b738d222848304312a5a9699c502d2a9
SHA1 ea822f409e260590e75ac41975bd32167c9678cf
SHA256 e3116a06d3745cc10e45d01ba50bb223fcc746f8b9a991a423e41fa256096567
SHA512 7ec2dbef5a87d4b4fff189127cbc820af4d2125c38ab562c310dd9cf61bff02ce3d1751ff5286e5f06dd76bfee946d2a1cbf63ea655466154879f8ac833bd17c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b0b4a9feca0e689c9af0c19b9c9e562f
SHA1 01679971130e54ead62bb20aedd75a5affbc431f
SHA256 dda7d1e2fb69c21f9faab9bf19e1b2c9cb547af582813bded99c9213a751d19a
SHA512 8c52f6b78fe21aec14d5128286a0089848a9638f82857adccbc9da3944ae71de3e824dd91d53997b13199462c1f1b16890d9e12d4b7db1760ef98ead00ad4776

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 be2cac483b42c219db25a1ca556640cb
SHA1 ba9398b3b52823167466718a792152aaf346790f
SHA256 7134fcf7325d02a30ed3c55741baae9f891da8eedb6f7f685938789b032dc693
SHA512 7538e9f315eaa5461ecc064ec50e6135e4a7014ca2616f6b906f4a6cf199e56a2f7d0d8bf62d416aed353664e3a20a8cc36087dc99f3b0b64f5364085228c033

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 60a7ebcc437f0f6f9fd570c1fc35f9d7
SHA1 dc34814d4381598663ebca40652ab01f52ebd739
SHA256 99fa2a456e1d7621dce99a375454affe7d0b7855e556bbbf6447516d2ca448c1
SHA512 a359db09e547f28779a47b2b244befd86305b7ec6f99fb3a82b2ad7a78294ea348aa28171eff2120946d451fd071f672c8bac7695ce6b0e83d4e61a600c319be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 ef8aa60334da39405ae62b916d70a766
SHA1 205d569fa068ca8327433137156f404a40c7fa58
SHA256 a3118a623268b4a18980a8f515ef2f054972922e3cd9fdab54f7fbe653cdfceb
SHA512 717395703ad76ab987558aba851db3c3a3e27b7261b840ca0e27687a6727232d67894798620d76c986dcb2f05ac27559b80765b7f8f33420684a8d584f3722ed

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 cace9fa58a813c6da36cf36b9e2478e7
SHA1 df9240776c4a7c62e8f0af3e0aaf9e8e6d869dc6
SHA256 0ef9adf1ea6929d71ca2edb83af758c1c3f4adaf00b5341f19e16cbc65cacd39
SHA512 1f0d8e69a8ad21f117e332896f7f278c710b68646306556642a9d975b662587d934a366e25f34c25df0e712819c7cbc5bf00a71c3581306dd4ec777716a71521

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 c9f323a954bde3b2394c2ae094c30414
SHA1 6490f4ffd594d1ac3745eb38d718e53f01864e72
SHA256 42143bbb1a039c026650c7e318c103cf8d3b3650457cf8d761b69b5c966a57db
SHA512 e3a215d7c140382c14fdf12e99bbbd0d69778d99f837383cfda5faeccbcd3f4ad41b72de8cf3dc7fda8c846fddf39a8ae4df82e1192d8068c77eef6a2d41705e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6fed82c0f37065e6ea54b19b76028d46
SHA1 c1d0461dd4d1727fe8b76b89487f3073bcd6b6a5
SHA256 a1a174a9737431fcaf73d328ec7c0c439f32198b86fee6b9be80aa5692aff4b9
SHA512 80367f40e50adc276653eaca0ced8fa5ac0d6b258acf4f2deafa353017afe17106baf154c2309484702dc72af3be3a552e486a88eff0599814c2b60605faab85

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 efdc68cef91772830e97d63a95ebca1a
SHA1 83198ee17a6f40808da2e0aed114dc7e809f4cb7
SHA256 2d3e8c682d1ddcefeb3f99db2267fd178a081c43d1da7e7fd0710d93d212f211
SHA512 af7d6239d563e3f237a932bd2da6e463d04baa06df295194ea6686301a6497340fd2a225a9efd14e4f75c57a612b7f0415e52deb7e33aef315f9effd7ec50a84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\temp-index

MD5 7fc83fa0f4e9e55cec93afb2e577e6b1
SHA1 f4c2c8861d2139fcafc3330ff6f8117f79b2f84f
SHA256 a9eb5931bdd8d39d80bb85efa3473cc60daf88d284845b1a19388b88e9ab3d80
SHA512 d4fd3ea91029d34fd6de769a46bb114865c4ac531372c6fe2126b414a6e036e0ecb362f1e50c54f2a420dc803ebad7cb4826402174e0d5719b08a4f85e63e116

C:\Users\Admin\AppData\Roaming\Microsoft\Windows\Recent\CustomDestinations\5d696d521de238c3.customDestinations-ms

MD5 cb45fd002ee04b740bbe50b3beb21863
SHA1 13016e5336f8de017cb263fba2c40ae23f005d68
SHA256 efa80c2e355c1e218fb91b61616e09a0a9b5875fadda0d040101758c9b9b3348
SHA512 67b9f32375a1c52fc2dc6e8b92b043509f738a216a1783e494f30c85258d374c019a27b7721e6cc3e2a570ff303b74ef7c7f25442883ee6d1287df6538b4b582

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3c7fd1d7d334f33e8b9959724288e44d
SHA1 e067f1861f020380b518250aff1e4460fbd538b7
SHA256 8cbce8fde209080f44adc4f8669e3788d2dff3b4690210b44fc9b36f190f9697
SHA512 41ec198a50f9a501c25ebf5b47684fa84a7328c477b2ddea2b57a1c294bf25d1348c9444e9b343524b5c849f3a90b37a4a4667173e91ec171147562047d158f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 b1a97c6f24c641475baf2b4c975a7530
SHA1 7c5c9187e1aeeb093362373c1ce8e16ea44df96d
SHA256 c877b2f6fa567b119c9d450a0add07a8f4c046c46a8e1b3e905227135630a391
SHA512 77bcf1ff67d025ed0e8e7c0147daa9c7968004c2a46100d0cae82382851c56899229edf2b3a4b4938b5ca7d90658cd555d91041e681cf335cc5ed53fe3b0682f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 29b5e7ace97353e0c883091262e1dc57
SHA1 ef9989469b773efb50e91868dbec5e38144e716c
SHA256 312e10385d7894d3fcd000d8476092622ff7429fc732f57b55a3ae2dbac7ff5e
SHA512 d3fa5eb4de548c8cda95fe7d1f3167b7741063bc570228ecdb4e32df7beadab5fed38b62f7308d1b886f2320fc891e6cfa30c715313b5fd266c57f239f57a375

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 074026f95ac23ab1fa34bb94874f9627
SHA1 72c0d784c850582ca102016d7a27672c961d22f7
SHA256 61ca13890208e15ba14b460061dea41983a257ecbf76ffcca208ea30420cc24f
SHA512 6efa23939bd209a641f880c4237d68a45f061264c9a73e98b26507260398d69167d5ac0d203209bbd4e48e0395d8023c913737bc17464ac7e6ebf56e290949b9

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 a8854b11a90ad111be0a2aec599b1798
SHA1 b15122d1d39e6256b3da160ea25b98a52566627c
SHA256 5800033137fcf08e3f5c966db9e9f9ceb390618beb072507a8ca082f1a09b556
SHA512 3f3550fdb229ba9ca57193a1783847ffc26dabbcfa66b67878443727e7096e67494b18bec7caaef2e34e85935c4861fd4ce303d34f53553d350df63246c9acb5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a73e428ba709293a444473361c5f2266
SHA1 2073d5b7f21625ae54c42234b3761a67c218335b
SHA256 85bb90a4801a4f9af690a49a45e92546ae18dcb3f4022579f3e7da607961e7e1
SHA512 43c8ff22a3545760a7c661716f537f77d18db24ef7f75b9893314062c0de67121a82cb6ea0a660f5d04ba3aa22a17322328172e1a185460d9d9a9f7375f8480d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 a5d302e4052ec3e0e53124edc0178368
SHA1 0358b781468d11ed4c5b13d37f7bf8a210f92b3c
SHA256 04c4dca0acde95f30ab4e39a401bb57a9432fd539f974237f5940c4c1d03cddb
SHA512 b8ba50b05fe1ba35bf216d7f5233e1325c838e1d35557a1df82c585dcfaa9b01a70ebb3dcb733f643ff2718fb7c7feb045809866158fec73293775dd016015b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 feec8d12a4559443cce75b46cbc3b5a8
SHA1 985a717f446419ac11c9f8165e65d9a73a4fee13
SHA256 b0a027747e3e9a395b5614be9b970dc7af65dbfcdbffdcb64d08852b1de11843
SHA512 2486c0e435a5dd09f0ceadcc9ef6f909be86e995c3f4ad34d4be06f93f409d289daefa2e3b0dc8738e0d957f822fefff40249af53b1fb9ff25df6dacfd22a2c2