Malware Analysis Report

2025-01-19 04:42

Sample ID 240807-rejg7asgpb
Target https://iscdoc.wimi.pro/shared/#/file/dc1e15d5dbca4d36a9cf906d9b2f4c6b4e336937331edb94e3f4e0f9bc261de1
Tags
microsoft discovery link pdf phishing
score
6/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
6/10

Threat Level: Shows suspicious behavior

The file https://iscdoc.wimi.pro/shared/#/file/dc1e15d5dbca4d36a9cf906d9b2f4c6b4e336937331edb94e3f4e0f9bc261de1 was found to show suspicious behavior.

Malicious Activity Summary

microsoft discovery link pdf phishing

Network Share Discovery

Detected potential entity reuse from brand microsoft.

Drops file in System32 directory

HTTP links in PDF interactive object

Drops file in Windows directory

Browser Information Discovery

Suspicious use of FindShellTrayWindow

Suspicious use of AdjustPrivilegeToken

Suspicious use of SendNotifyMessage

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious behavior: EnumeratesProcesses

Modifies data under HKEY_USERS

Suspicious use of WriteProcessMemory

Enumerates system info in registry

NTFS ADS

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-07 14:06

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-07 14:06

Reported

2024-08-07 14:11

Platform

win11-20240802-en

Max time kernel

299s

Max time network

299s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://iscdoc.wimi.pro/shared/#/file/dc1e15d5dbca4d36a9cf906d9b2f4c6b4e336937331edb94e3f4e0f9bc261de1

Signatures

Network Share Discovery

discovery

Detected potential entity reuse from brand microsoft.

phishing microsoft

Drops file in System32 directory

Description Indicator Process Target
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

HTTP links in PDF interactive object

pdf link
Description Indicator Process Target
N/A N/A N/A N/A

Browser Information Discovery

discovery

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133675131930449093" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Ondrive-Review Document.pdf:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (32 identical entries, alternating with the row below)
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (32 identical entries)

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A (33 identical entries)

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2496 wrote to memory of 4828 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (2 identical entries)
PID 2496 wrote to memory of 4576 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (30 identical entries)
PID 2496 wrote to memory of 1088 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (2 identical entries)
PID 2496 wrote to memory of 4524 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe (30 identical entries)

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://iscdoc.wimi.pro/shared/#/file/dc1e15d5dbca4d36a9cf906d9b2f4c6b4e336937331edb94e3f4e0f9bc261de1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7ffcf293cc40,0x7ffcf293cc4c,0x7ffcf293cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1788,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1784 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2060,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2072 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2136,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2248 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3056,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3140 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3064,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3164 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4808,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4816 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4364,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4952 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --field-trial-handle=4832,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5100 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --extension-process --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=5284,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5304 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --pdf-renderer --lang=en-US --js-flags=--jitless --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=5476,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3488 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5272,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5656 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5436,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5300 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=4988,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5400 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=5524,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5688 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=212,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3212 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5408,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3152 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=5484,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3252 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5372,i,10021897252525013998,14701027559164946795,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4360 /prefetch:8

Network

Country Destination Domain Proto
US 8.8.8.8:53 iscdoc.wimi.pro udp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
US 8.8.8.8:53 194.124.94.45.in-addr.arpa udp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.195:443 api.files.wimi.pro tcp
FR 45.94.124.195:443 api.files.wimi.pro tcp
N/A 224.0.0.251:5353 udp
US 172.67.166.190:443 f3dc6ad0.2ec37e06c0784e9c7afd712f.workers.dev tcp
US 172.67.166.190:443 f3dc6ad0.2ec37e06c0784e9c7afd712f.workers.dev tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com udp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.18.95.41:443 challenges.cloudflare.com udp
US 172.67.166.190:443 f3dc6ad0.2ec37e06c0784e9c7afd712f.workers.dev udp
US 104.21.56.221:443 msn-n.com tcp
US 104.21.56.221:443 msn-n.com udp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
GB 2.16.153.145:80 r11.i.lencr.org tcp
US 74.50.80.130:443 docagreementdomc.info udp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 13.107.253.64:443 aadcdn.msauth.net tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
GB 52.97.212.98:443 outlook.office365.com tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 74.50.80.130:443 docagreementdomc.info tcp
IT 2.18.254.184:443 r4.res.office365.com tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 8.8.8.8:53 98.212.97.52.in-addr.arpa udp
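The table above is the raw connection log: one row per connection, so the phishing hosts are buried among repeats, sandbox DNS and mDNS traffic, a Let's Encrypt chain fetch (r11.i.lencr.org over port 80) and a Cloudflare challenge page. The script below is an added example, not part of the original report: it parses rows in this exact format, collapses repeats into unique destinations with counts in first-seen order (which reconstructs the redirect chain), and separates noise from the hosts worth blocking. The category rules and the constructed SAMPLE_TABLE subset are the editor's assumptions about this trace, not output of the sandbox.

```python
"""Triage helper for sandbox 'Network' tables in the format shown above.

Added example, not part of the original report. The category rules encode an
analyst's reading of this trace (wimi.pro as an abused file-sharing service,
challenges.cloudflare.com as an anti-bot challenge, lencr.org as a Let's
Encrypt certificate-chain fetch); they are assumptions, not sandbox output.
"""
import re
from dataclasses import dataclass
from typing import Optional

# Constructed sample: a subset of the behavioral1 Network rows above, in the
# order the sandbox reported them (country, ip:port, optional domain, proto).
SAMPLE_TABLE = """\
Country Destination Domain Proto
US 8.8.8.8:53 iscdoc.wimi.pro udp
FR 45.94.124.194:443 cdn.wimi.pro tcp
FR 45.94.124.194:443 cdn.wimi.pro tcp
US 8.8.8.8:53 194.124.94.45.in-addr.arpa udp
FR 45.94.124.195:443 api.files.wimi.pro tcp
N/A 224.0.0.251:5353 udp
US 172.67.166.190:443 f3dc6ad0.2ec37e06c0784e9c7afd712f.workers.dev tcp
US 104.18.95.41:443 challenges.cloudflare.com tcp
US 104.21.56.221:443 msn-n.com tcp
US 74.50.80.130:443 docagreementdomc.info tcp
GB 2.16.153.145:80 r11.i.lencr.org tcp
US 74.50.80.130:443 docagreementdomc.info tcp
US 13.107.253.64:443 aadcdn.msauth.net tcp
GB 52.97.212.98:443 outlook.office365.com tcp
US 8.8.8.8:53 98.212.97.52.in-addr.arpa udp
"""

# The Domain column is optional: the mDNS row above has none.
LINE_RE = re.compile(
    r"^(?P<cc>\S+)\s+(?P<ip>[\d.]+):(?P<port>\d+)"
    r"(?:\s+(?P<domain>\S+))?\s+(?P<proto>tcp|udp)$"
)


@dataclass(frozen=True)
class Conn:
    cc: str
    ip: str
    port: int
    domain: Optional[str]
    proto: str


def parse_table(text: str) -> list:
    """Parse 'Country Destination Domain Proto' rows; raises on a row it cannot read."""
    conns = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("Country"):
            continue
        m = LINE_RE.match(line)
        if not m:
            raise ValueError(f"unparsed row: {line!r}")
        conns.append(Conn(m["cc"], m["ip"], int(m["port"]), m["domain"], m["proto"]))
    return conns


def classify(c: Conn) -> str:
    """Analyst's categorisation (assumption, see module docstring)."""
    d = c.domain or ""
    if c.port == 53:
        return "dns lookup"
    if c.port == 5353 or c.ip.startswith("224.0.0."):
        return "mdns noise"
    if d.endswith(".lencr.org") or d == "challenges.cloudflare.com":
        return "cert chain / anti-bot challenge"
    if d.endswith("wimi.pro"):
        return "lure host (file-sharing service)"
    if d.endswith((".msauth.net", ".office365.com")):
        return "microsoft assets (brand reuse)"
    return "candidate phishing IOC"  # anything unexplained, including bare IPs


def summarize(conns: list) -> list:
    """Collapse repeats into (domain, ip:port, proto, category, count), first-seen order."""
    order, counts = [], {}
    for c in conns:
        key = (c.domain or "-", f"{c.ip}:{c.port}", c.proto, classify(c))
        if key not in counts:
            order.append(key)
            counts[key] = 0
        counts[key] += 1
    return [(*k, counts[k]) for k in order]


def ioc_domains(conns: list) -> list:
    """Unique candidate-IOC domains in the order the sandbox first contacted them."""
    seen = []
    for c in conns:
        if classify(c) == "candidate phishing IOC" and c.domain and c.domain not in seen:
            seen.append(c.domain)
    return seen


if __name__ == "__main__":
    conns = parse_table(SAMPLE_TABLE)
    for domain, dst, proto, cat, n in summarize(conns):
        print(f"{n:3d}x {proto} {dst:22} {domain:50} {cat}")
    print("IOC candidates:", ioc_domains(conns))
```

Run against the full table, the first-seen order gives the chain: the wimi.pro share serves the lure, the victim is sent to a workers.dev page behind a Cloudflare challenge, then to msn-n.com and docagreementdomc.info, which loads aadcdn.msauth.net and outlook.office365.com. That sequence is consistent with the "entity reuse from brand microsoft" signature (a credential form styled with Microsoft's own sign-in assets), but the table alone does not show which page issued which request.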

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 dec0c20fc368132cee705ee2b8d76d34
SHA1 a0eadfe713ad1ae2623342d6fd66c4be44a8844f
SHA256 0cbf6a0177b12bc9eac596e0f00f461bb619014fa8947f612bce3d9ef2d146b1
SHA512 516da911b00c40db5bcba41372b7c57ba4c2bc301f9cc27e5074ef32e308d4e21a3d8f8ce25541e854be0864bb4ec6cee363603d83396253167c2e60059f2aa7

\??\pipe\crashpad_2496_XETHEQUNRETOUGCK

MD5 d41d8cd98f00b204e9800998ecf8427e
SHA1 da39a3ee5e6b4b0d3255bfef95601890afd80709
SHA256 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
SHA512 cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

MD5 d751713988987e9331980363e24189ce
SHA1 97d170e1550eee4afc0af065b78cda302a97674c
SHA256 4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
SHA512 b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 a05ae024fc38e7ab3e578d246236ad9d
SHA1 9fac5124748911b56f4511dcae7194a0ce835753
SHA256 55ea1c17874c3a4f5cf4a79052fa9f15e9c769ff1b4e811485e9b39e824d81d9
SHA512 1f8a327718ab70ea942ddc9d4bc34c27d5c6d07e7412e7295482ae927bcc5eaca45efc41276115b96923bbaa4a6ae2d8410943fa572b72c20e38193ca0aadbe0

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d32fec9df5a7dccffcc447b1274e0793
SHA1 ea0ea1253991b75bd1402b496df57076fadc53eb
SHA256 ca5e27af0b8475d62a8ff516320282430decffe90ddb937839519f27d1cb9faa
SHA512 ff39f85f21646225ed17d31ffbd2d4c16e4a28b6ae037b6fdcfbc54cb5cab203db45208f2ec6f5a2bb8a80ca6f2f6c679cb95eac650dc2b2d5186c5c34f12228

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 bfe7e6755591a1f03830a0744593df8b
SHA1 e2600bc2c972dbda03cc92da0acb885bdbde6179
SHA256 3d8afab2f6192ae6f610d325365baaaec3c813c710aa18e3fda9cae1dd778df1
SHA512 45e26fb41c030765ea3b8c3afee2f6aa90b61ea09a800edf3ccc57c81a1ef648788349033564ccf4ad6e59a050373b0bd8cf279f217961f8606ec15454b185e5

C:\Users\Admin\Downloads\Ondrive-Review Document.pdf:Zone.Identifier

MD5 d25c51a123669a9d33ee3041b3042c25
SHA1 3cb47d4a6ba0d6e5f35e9c7df81d3ec81fc260f0
SHA256 e6ffb8f6638656522f126d1c7766f0db3f48d052d9a92b2a46096592e0e484e4
SHA512 bcc234820c94650b7c92cd16026febb93bbc5fc9677e5d40809359b1cf47af4f04a527fec239b0f8f13e28e4626b291c2f679778835ae0a44ebdd5fad8977c1e

C:\Users\Admin\Downloads\Ondrive-Review Document.pdf

MD5 861c3823faa83638784d554057c3c1f8
SHA1 512db52879970ad66193908a641dc2586f5aa655
SHA256 33e1290dd32400b1dbf3a790bcac480e376c87892a59d793e119d4d54e666ad1
SHA512 f80634fc23e6ee85e4b336710e56e2195ea49cabf9ad513e440321d3168d921dae02aec0527b28c8b5d5ab2b5bdbce0f9830c3e81495c5d3f2d546a549ff3a84

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a7037688a374b11a0e96d526c46e6d44
SHA1 92b88df894db7894720f63307313beec3a9c9482
SHA256 02657c45a0bacddbbd29e8131355941d5ae01d3af4ffef1ae0de46aea1f73a54
SHA512 f061c2929382debd16b3e5baefaf50ca496d3f23ee43ea4c7a962957ba4c611383899e80b88f5c3a020aa92f20a2a488804a4f4b09721915453dc3285070505e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 d74e1b8157e36fe90817b6d20eca28f7
SHA1 0fe201ed8f869f15c2a95cd5d94ea3e630770df8
SHA256 690c082f5bb337f495baf6887f5371c1df9ca5078032425240f21acc21627e97
SHA512 04ef3a9178cb8ace54bb250f42e17e838d43f74e1e7953a5f382ef25d1b2ead0604ac7e57ab67b3e07d50e00174319560c412ba7a4dad306cf4bd603290a6a50

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 41ea71245fcba64c3ad5b84b868820ad
SHA1 3708e98ff45d9ba233f044fa4b4ffc2b8d664477
SHA256 1f94cda59175eb488177c22ad4da1bd64ef8745a16d532671c3928969cc02719
SHA512 8a08c38d332fb18e8b805e4d4011d4d797d511635a6f1f05fb55f296d794e84de3a5eb0374012ef67e738b82b4afab0cc74ea296c846633f585af36680a70866

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 392dd604362d3e6ebccaab3e8a5685a7
SHA1 c93bf21393d6d3bdc24fdf2bb8c74cc2f7672b91
SHA256 a0d396e2d224902904bd22a9faf27945f817585a91df0dd425d1034293bdc162
SHA512 fbf10161a0ef7bc9d4eb49c8a20c4d02d009d73d1c3456c25ce30993986a8bfbf2747a5949069a2bdeac34b35ac2676dcdd0f152b32ad1790aac9751129a82b5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\index-dir\the-real-index

MD5 37a7616c509844006a4867df2759f778
SHA1 a8a169b2605a1817af663edb8794cf1e7af232dc
SHA256 2e8d04398039f402dbc23b90cc8d67774f78c812b578bc7a920fc284d7213503
SHA512 ccbe86a0d12dbdd2207aba82cb5c4d54acd68b49c497f7c53261716d580b38c3acec2b7be5554f920c85b32dbd544714004c8afa7d296debb7af00730f3d9e52

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

MD5 9e538ea75de3e3d7b09b8f1929bff273
SHA1 af15cb0c0f2d505844b1483dd1e045f567fa32ff
SHA256 c004c42058ebccb15c39d1d10fa153a8fd497100d4f4e1820167a6917f086a4e
SHA512 ccd0cb0f9a0285c5aae2d594120b121456785041d9defc8a7d9c3a122a724b370d8a5d07887bbf56162995450aa3aa934c62e955e8976cc6bcfda7de43f8a69c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 170abab2b00de500d5711b0d06ee20bc
SHA1 ced17c3bf690cbb34019df2df0e756d80a527be2
SHA256 bc9183601896c9f352b1725a6380b738165ab0f0fee21104ec96129f6f3c4d01
SHA512 24a5e3e7d30942c1447b409be13e3773ac664c616cc3941d6e06f947f091ee0f65254217eafbb886e2858154c92b1c7da6b9a7e4ec92496736bd85f770fb573b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

MD5 0c21966d90d5212090554c8cc061e570
SHA1 23d00a293f38fbe820f28e255515aee38bea32c6
SHA256 b5e36abbd8eedb82fec4e79d83708281ddd50b219bd52df1b012aee5af9a8db4
SHA512 e361cdd1d3b7d1637dde656217f56f5f48e8b61d6594898bd1bb2d1bf66899125f1cb67679a853048809f3aaaebc5a6d1543a901b5a12065aaf9211fefc045aa

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 a7223825e6f0a3d4a55ea6ca9072716b
SHA1 778c37586a59cb2b38905c5714ff65c470fc3cac
SHA256 91f453a67260cf56b492e4054513a9bfc47d39ce5420733503ff7eb9a379ee34
SHA512 77085d0f44983fd0313084ae49f518090e1808fd8d4f1d06e3e9aea5f1303f95eb993adc9a53633f42135b0bcb09aee9cefa32bf4648525357ed3998f75c8ef6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 e5cbfa368c659ca90756945b31f15a2d
SHA1 5c5d1f3483cdc5d148f6d9c46e83da0dab18a05f
SHA256 1a2e2acdd5ef4e0dd697507ab194a6ed2e5029b473e7fb10f3f5f910f3e3c7ac
SHA512 df4f047860801401cdbdbdca0bbcf665ac0f07d5435ac9f4151c37d81a44bbef9f2b90fa170fdb09a197d488d8aad0d32824e735dfa2fcdac3523a2db6ffffff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 60c19953163c5636ec2b623eee16ef29
SHA1 7e0b43025869cf2dcb419660851933aa1f311a7a
SHA256 5828ac5c5f14e7b88c3e3dc829579786af6031281c47a2781163a699341b25f7
SHA512 c455a8a83a120e119e780a6a88e2a4f1724bfd5c562b490363c84fee4f183e200cf7dafdbbc17368ae13de8967e33ec87fa39a7b9e9c6f1de11c414a957a707a

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

MD5 306111985d2fd3586738d09a81c3ff79
SHA1 6f9a9772032a63ea0eb51d1eeb7208122c761e01
SHA256 b9951e9730dc353d408a5b78d568030b3f9dc66e5a83b55882b95ef148b2f4c4
SHA512 a08b19e5f89beda24425fef952fe56e44526540b67200d629dc2fa9145f23fb61def49a8b83b407a837c71c00892ae8287b20baebc817aba4664073ef8047c60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b0690729b58efbeed20b7cc547eb3ed
SHA1 f9f3bdb07b53921436362840cd00c49d5175db0c
SHA256 e3220aaa786ff8635b2584414baf7db5994b88538be8ba559781cef35e10c82c
SHA512 004adb26fcde14c5c61207db806668af475a2c184dad839f483bdfab7d26adf8211959745aa9c8dbcccaf10aceeec26fc42403adf8858c799b7abcc04558b2d3

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

MD5 86bee5dee03ebfb6a8ea843bf687e628
SHA1 7e5cbd84e4184c4256feed34b2eb75a031294f1c
SHA256 e61961fe5326c4d3b1365cd99a7df03f7a99bfa2a5c6f0aed4228535d2f521fe
SHA512 a37c471fdcc3f1966bb3cd463753c17526c191cc11b85a39b791cacb7a963c657ff04b023f698048f01ad5de2224f1a9e221607f4aacf1af61864a7c25fd2a1e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1930d5d84963f7485c19988c7a535d27
SHA1 55b7c994d30b5912871d20a8729da43903cd5d3f
SHA256 59519350b2a3d3d6647ba4a52489783a9d0e2384ff71854b0c5865adc49432d3
SHA512 76560803b1eb3a8d7d6ae1856da415b72306ff9261fad85f3554a4b3288f167f6e1439d31d6dcdb80672b44b8494e3749b621567dc1fa5d4037f308d1263e536

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ce33e118f97225c61507bb807d217f0f
SHA1 4a22dc10b38c10a42b73eb08d8ad5928a5e76f1c
SHA256 95891d5528ff6f09e41dbeaf355876b41e58493640bbf01e2e66b3b6e0103d13
SHA512 22a4de190def73c95d34a47801aa01ae4aa02968deae562221e8b397aa61d352e9985832d5b6fa3a0344dabb920178baa5966e2e747132358d6e65574cda4f10

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

MD5 f49655f856acb8884cc0ace29216f511
SHA1 cb0f1f87ec0455ec349aaa950c600475ac7b7b6b
SHA256 7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba
SHA512 599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

MD5 b5ad5caaaee00cb8cf445427975ae66c
SHA1 dcde6527290a326e048f9c3a85280d3fa71e1e22
SHA256 b6409b9d55ce242ff022f7a2d86ae8eff873daabf3a0506031712b8baa6197b8
SHA512 92f7fbbcbbea769b1af6dd7e75577be3eb8bb4a4a6f8a9288d6da4014e1ea309ee649a7b089be09ba27866e175ab6f6a912413256d7e13eaf60f6f30e492ce7f

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

MD5 d222b77a61527f2c177b0869e7babc24
SHA1 3f23acb984307a4aeba41ebbb70439c97ad1f268
SHA256 80dc3ffa698e4ff2e916f97983b5eae79470203e91cb684c5ccd4ff1a465d747
SHA512 d17d836ea77aeaff4cd01f9c7523345167a4a6bc62528aac74acde12679f48079d75d159e9cea2e614da50e83c2dcd92c374c899ea6c4fe8e5513d9bf06c01ff

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 951f292b2abddbfb79f4eca91c44e758
SHA1 2444ad028b25760693562c8ec8a93a19524a1e3a
SHA256 bdcc19abb6212912209c1150b579991380382d8af0b14c222163d70772e33c2d
SHA512 1158953b3231dbf2e99d3c0d0caa5902bf836dcdcf8c78abcc5122880d1a99cd473acd518fdde8b8224366a8f633f2f575a979ce7a9d9470a9e0ea628e874c9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 169776f653568f92be117460191faab6
SHA1 2910cafaa13c0d792263c4a60b680c2d4a089f09
SHA256 1fdd9551345413057c415697138e93b2f857e94907eaf0bb2d0a35a7757f7bcd
SHA512 53375c6c74d2a53ea88c6ea569f22fa154533da850a7dea2d9e7292b4503c93e59433475754341496b81a21f91c3716ce41976ec24a4e863300d130c4d5c803e

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 23619206e31f01d7e1029a7efe22100a
SHA1 157590036938b997f810d8bc5aa675be0139272e
SHA256 8a52458218edbbb8f5143103f786854f043c549f36e7f08971641a5d6c6f8462
SHA512 13c34606e3c81e3f0119a49560befdda908de6025ac91317b76ea32979345652aae639ad5d75ab4afd1d6573213829e720c45da6dd8205394b781790e08dbd04

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 0d397252369c2301017f33e089673813
SHA1 5f1fb3e650c5feb83810cc6f288462816cdb318e
SHA256 91486660472186b7df9f38c16fca9ab6732c34621f3c615a6a4b0a52e072ccb4
SHA512 b86fd7f0d8337e3855c432ce8651b0c0ec4f25507b93f7741a2091c051a8f0f349ba8e5594625495308faf654e2e547c927086bcc946e36a3b7bfc68f79a5534

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1d2fb192ec85dc0e88152656195651c7
SHA1 ff4e1636455d989d4e988c5fa3a1a14cfa488d99
SHA256 e5a6e647050c00803365cb7fd57ec0ce92695c1c2bb7a75dfef53dd09e4e5cfc
SHA512 ecc19ca8bec5522bf9ee3ac7f22e534ca42b690a0c4e819f099a7fcdcbf4084e407c1fa870b68fdfa3a75d8ea341b5d751468c51ba47575b1b7aa61e4ac7f5ad

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 693a0fe3530a9c459baa3bd3fcf65003
SHA1 8c729a1a15cdc7f490429bb0a8155972f96602df
SHA256 5335f08d6280ff5360f67bd06e8d6955723fb9ad9a45de099d531dbfef57eb10
SHA512 d28f32929b5266246661b7933d3e24059fc948b8f27e3cae53777b426edad0ee144198d8969a430bbc5d8109d6aaba3c294bcf9d985a0f5d218c34ab443515f1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_0

MD5 604edb1f909efc299ac23bfae5860fef
SHA1 0b88f6e5b58c2726ccf88d040b9b4a1d819e08f1
SHA256 d025e42d96a7eaea85dd8d3ae4c236c9f3cb69fcb1cfd5a213e0cfbf43007b5e
SHA512 2729c29aa655e2a26f975306a0da6a4ee0a46f427e563701cad45004d7371c3fdb9636db6447bd2fe47091c7e28358972228f49af1f2c8dcf4147103c79b19ea

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9f4ab89e8ae780e8257bcb26d738542c
SHA1 452dc193326e51eb4265ea5307d4d68888f7c74d
SHA256 864f5850f289abf8edf71538b78e0defa28a14eabe81fcf3a6070ca884fc10d8
SHA512 a8400369481bb71124d9001ee20432140a83a7fc7ae930b27197e37a012253741a1532d8cd42fef5964b942380d3ffd94825157e57ec749ca6f8729e01083ba2

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 86dbd7e7235a9fe58bb9661f2c2da164
SHA1 5c0a53c38a94109b39206d17a4c84038eced70fc
SHA256 d20742e483dbd9b1bc158383795743d62b735bd82f1e115f0227981c82240c9d
SHA512 4d3c5c40faf864153b19c6127fcbc6cc692b18dc708229b0225108d2c28f72d0aef337f47d12b13f6b36b448000f48d28c870251e172bf7c1700827b25aba411

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\4c4cd06c-c276-42e5-b8cc-57ccd6aa016c.tmp

MD5 1714a52170c3a7ad8c2f752be36105e4
SHA1 fd87183cd07e24f72ca951108ecb3fe474a22b54
SHA256 a6c7065bb8b2bfb1ab3d632d8a590395b473e7579916f87b92d4deda0d5e0d6c
SHA512 6728a787c2fc3584a786ab594faf7711988fbb920d248402adc6776997c677fe72374f86ae133ad68caa095bab298165eba70551ecb1805ef9d2d7140351a2b1

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7caee226be7147eb81e76a341fe3d11a
SHA1 f19e2f475edebfbb6ac0b34cbdd1e27d3f581912
SHA256 0fabc0aa8e971081ba32cb9e5646843e3bdddeaec1b9f9a05505fa71c675dcec
SHA512 18e6055b9140a265c6cea09cac1c966ab3d0fd0a606fc24d1a6558871355c0ac9d6f70780dbcd24266d28ddd871f5b3514504a99e3a638d7cf1b20602506a650

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\ScriptCache\f1cdccba37924bda_1

MD5 163efda525009992ab6050e379f1ad80
SHA1 56925fcdf7a27546dfbee7a27892fa0df03ad5df
SHA256 168048cac127383fee9b958803eb58c3b4ba859cd207437582470aa54e92387d
SHA512 b4277f6e2f5c6044bf1956d9e4770323925ca93dbc9ce52e48aca1a043dd971a3e741c136362036505b6c052507b4e9b06810f51e58f0a97dd63eef3eefc4d3f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 054b4b1e5df82d5c1e36790f163a7e0d
SHA1 fe773eb572cc9173790b9e6528366446396085ae
SHA256 64fd8d492ac2527e77c428a3db88cbd17d27de1ce82db1efdb787ae9b1df7091
SHA512 d8f84b1ef866435b0d2c03d790a9270c052455927eda0f10a2549a72c017fdbdb21355ebd88a55b70b00a3bdc0bfd94f7b101283ba468b84f50f255f5be2dcf7

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 f0a1150315f39ce878d0b7ce4f025d52
SHA1 322365c3cbc9f5cda603cec1e503addb46fd1faf
SHA256 604fdbaa039c8dc23972bcbc0f95cd651f91a155a024dc7b9193b1cb96c883a1
SHA512 00b70e410eebc4350b0f6457bbd8aeb2fac1bad0b70787d8a32d09af57727a16e5d4daf2923a54031ccb370353027cdda90c804d0b19386316016b310b85df9e
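The Files list records the downloaded `Ondrive-Review Document.pdf` and its `Zone.Identifier` stream (the NTFS ADS noted in the signatures) only by hash, not by content. The script below is an added example, not code from the report, covering the two things an analyst pulls from those artifacts: the `/URI` link targets behind the "HTTP links in PDF interactive object" signature, including ones inside FlateDecode streams, and the Mark-of-the-Web `ReferrerUrl`/`HostUrl` that say where the download came from. The PDF bytes and the Zone.Identifier text are constructed with placeholder `.example` hosts; the real sample's link targets and referrer are not in the report.

```python
"""Static checks on a downloaded PDF and its Zone.Identifier (Mark of the Web).

Added example, not code from the original report. SAMPLE_PDF and
SAMPLE_ZONE_IDENTIFIER are constructed; the real sample's contents are unknown.
"""
import configparser
import re
import zlib

# Constructed: two /URI link annotations (literal and hex string) plus a
# FlateDecode stream holding a third. Not a strictly valid PDF (no xref),
# which is enough for a byte-level scan.
SAMPLE_PDF = (
    b"%PDF-1.4\n"
    b"1 0 obj << /Type /Catalog /Pages 2 0 R >> endobj\n"
    b"2 0 obj << /Type /Pages /Kids [3 0 R] /Count 1 >> endobj\n"
    b"3 0 obj << /Type /Page /Parent 2 0 R /Annots [4 0 R 5 0 R] >> endobj\n"
    b"4 0 obj << /Type /Annot /Subtype /Link /Rect [100 600 300 650]\n"
    b"   /A << /S /URI /URI (https://lure.example/review\\(1\\)) >> >> endobj\n"
    b"5 0 obj << /Type /Annot /Subtype /Link\n"
    b"   /A << /S /URI /URI <68747470733A2F2F6865782E6578616D706C652F> >> >> endobj\n"
    b"6 0 obj << /Filter /FlateDecode >> stream\n"
    + zlib.compress(b"<< /S /URI /URI (https://packed.example/go) >>")
    + b"\nendstream endobj\n"
    b"trailer << /Root 1 0 R >>\n"
    b"%%EOF\n"
)

# Constructed Zone.Identifier text in the form Chrome writes for a download.
SAMPLE_ZONE_IDENTIFIER = (
    "[ZoneTransfer]\r\n"
    "ZoneId=3\r\n"
    "ReferrerUrl=https://share.example/shared/\r\n"
    "HostUrl=https://api.share.example/files/download?id=1\r\n"
)

ZONE_NAMES = {0: "Local machine", 1: "Local intranet", 2: "Trusted sites",
              3: "Internet", 4: "Restricted sites"}

# /URI followed by a literal (...) or hex <...> string. Nested unescaped
# parentheses inside a literal are not handled.
URI_RE = re.compile(
    rb"/URI\s*(?:\((?P<lit>(?:[^()\\]|\\.)*)\)|<(?P<hex>[0-9A-Fa-f\s]*)>)", re.DOTALL)
STREAM_RE = re.compile(rb"stream\r?\n(.*?)\r?\nendstream", re.DOTALL)
_ESC = {b"n": 10, b"r": 13, b"t": 9, b"b": 8, b"f": 12, b"(": 40, b")": 41, b"\\": 92}


def _decode_literal(raw: bytes) -> str:
    """Undo PDF literal-string escapes: backslash + one of n r t b f ( ) \\, or octal ddd."""
    out, i = bytearray(), 0
    while i < len(raw):
        if raw[i:i + 1] != b"\\" or i + 1 >= len(raw):
            out.append(raw[i])
            i += 1
            continue
        nxt = raw[i + 1:i + 2]
        if nxt in _ESC:
            out.append(_ESC[nxt])
            i += 2
        elif nxt in b"01234567":
            j = i + 1
            while j < len(raw) and j < i + 4 and raw[j:j + 1] in b"01234567":
                j += 1
            out.append(int(raw[i + 1:j], 8) & 0xFF)
            i = j
        else:
            i += 1  # unknown escape or line continuation: drop the backslash
    return out.decode("latin-1")


def extract_uris(pdf: bytes) -> list:
    """Return unique /URI targets from the raw file and from inflatable streams."""
    blobs = [pdf]
    for m in STREAM_RE.finditer(pdf):
        try:
            blobs.append(zlib.decompress(m.group(1)))
        except zlib.error:
            pass  # not Flate-compressed (image data, other filters): skip
    uris = []
    for blob in blobs:
        for m in URI_RE.finditer(blob):
            if m.group("lit") is not None:
                uri = _decode_literal(m.group("lit"))
            else:
                uri = bytes.fromhex(m.group("hex").decode("ascii")).decode("latin-1")
            if uri not in uris:
                uris.append(uri)
    return uris


def parse_zone_identifier(text: str) -> dict:
    """Read ZoneId/ReferrerUrl/HostUrl from a Zone.Identifier stream (INI syntax)."""
    cp = configparser.ConfigParser(interpolation=None, delimiters=("=",))
    cp.read_string(text.replace("\r\n", "\n"))
    sec = cp["ZoneTransfer"]
    zone_id = int(sec.get("ZoneId", "-1"))
    return {"zone_id": zone_id, "zone": ZONE_NAMES.get(zone_id, "unknown"),
            "referrer": sec.get("ReferrerUrl"), "host": sec.get("HostUrl")}


if __name__ == "__main__":
    print("links:", extract_uris(SAMPLE_PDF))
    print("mark of the web:", parse_zone_identifier(SAMPLE_ZONE_IDENTIFIER))
```

On the analysis VM the stream itself is read with PowerShell, `Get-Content -Path 'C:\Users\Admin\Downloads\Ondrive-Review Document.pdf' -Stream Zone.Identifier`; for a phishing PDF the interesting output is the ReferrerUrl and HostUrl, which tie the file back to the share it was fetched from, and any link target that points outside the sharing service.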