4da31bef923881bce96e3dafe3c0cbc43a8cdf6210c7ed24ab926118580edb1e

Analysis

max time kernel
1800s
max time network
1684s
platform
windows10-2004_x64
resource
win10v2004-20240802-en
resource tags

arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
submitted
12-08-2024 07:13

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

OIP (1).jpg
Size

6KB
MD5

f584883d2cd46340017138590a4b4ee2
SHA1

e102f004ebe62f32a8056f0d3aeba157a0729684
SHA256

4da31bef923881bce96e3dafe3c0cbc43a8cdf6210c7ed24ab926118580edb1e
SHA512

21eac0517a5212ac14f22768c8d28ddf563c47676d6550a17c3045898d1a2d3ff4ce98d91762ef3a3c39d6f50cff4b19d05627982567a911ec9312f6900e2050
SSDEEP

192:NIFJhPOZGh5h7wli+/lQeEOsjfgsNa/m9+kVybZ:NkPOO/8li+/WeEOs8Oum9+kwbZ

Score

10^/10

aspackv2 discovery spyware stealer

Malware Config

Signatures

Suspicious use of NtCreateProcessExOtherParentProcess 2 IoCs

description	pid	Process	procid_target
PID 1020 created 2328	1020	taskmgr.exe	128
PID 1020 created 2328	1020	taskmgr.exe	128

Downloads MZ/PE file

ASPack v2.12-2.42 1 IoCs

Detects executables packed with ASPack v2.12-2.42

aspackv2

resource	yara_rule
behavioral2/files/0x000d0000000235df-1992.dat	aspack_v212_v242

Executes dropped EXE 12 IoCs

pid	Process
4896	OperaGXSetup.exe
2328	setup.exe
2188	setup.exe
3580	setup.exe
1132	setup.exe
1432	setup.exe
3272	Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
1712	assistant_installer.exe
1988	assistant_installer.exe
752	DesktopBoom.exe
2336	Avoid.exe
3564	ChilledWindows.exe

Loads dropped DLL 5 IoCs

pid	Process
2328	setup.exe
2188	setup.exe
3580	setup.exe
1132	setup.exe
1432	setup.exe

Reads user/profile data of web browsers 2 TTPs
Infostealers often target stored browser data, which can include saved credentials etc.
spyware stealer

Data from Local System
T1005

Credentials In Files
T1552.001

Enumerates connected drives 3 TTPs 27 IoCs

Attempts to read the root path of hard drives other than the default C: drive.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
File opened (read-only)	\??\S:	ChilledWindows.exe
File opened (read-only)	\??\H:	ChilledWindows.exe
File opened (read-only)	\??\P:	ChilledWindows.exe
File opened (read-only)	\??\R:	ChilledWindows.exe
File opened (read-only)	\??\T:	ChilledWindows.exe
File opened (read-only)	\??\F:	setup.exe
File opened (read-only)	\??\E:	ChilledWindows.exe
File opened (read-only)	\??\G:	ChilledWindows.exe
File opened (read-only)	\??\N:	ChilledWindows.exe
File opened (read-only)	\??\O:	ChilledWindows.exe
File opened (read-only)	\??\W:	ChilledWindows.exe
File opened (read-only)	\??\D:	setup.exe
File opened (read-only)	\??\A:	ChilledWindows.exe
File opened (read-only)	\??\M:	ChilledWindows.exe
File opened (read-only)	\??\V:	ChilledWindows.exe
File opened (read-only)	\??\X:	ChilledWindows.exe
File opened (read-only)	\??\I:	ChilledWindows.exe
File opened (read-only)	\??\L:	ChilledWindows.exe
File opened (read-only)	\??\J:	ChilledWindows.exe
File opened (read-only)	\??\K:	ChilledWindows.exe
File opened (read-only)	\??\B:	ChilledWindows.exe
File opened (read-only)	\??\Z:	ChilledWindows.exe
File opened (read-only)	\??\Q:	ChilledWindows.exe
File opened (read-only)	\??\U:	ChilledWindows.exe
File opened (read-only)	\??\Y:	ChilledWindows.exe
File opened (read-only)	\??\D:	setup.exe
File opened (read-only)	\??\F:	setup.exe

Legitimate hosting services abused for malware hosting/C2 1 TTPs 3 IoCs

Web Service

T1102

flow	ioc
303	raw.githubusercontent.com
304	raw.githubusercontent.com
298	camo.githubusercontent.com

Drops file in System32 directory 2 IoCs

description	ioc	Process
File created	C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe
File created	\??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF	chrome.exe

Browser Information Discovery 1 TTPs
Enumerate browser information.
discovery

Browser Information Discovery
T1217
Enumerates physical storage devices 1 TTPs
Attempts to interact with connected storage/optical drive(s).

System Information Discovery
T1082

System Location Discovery: System Language Discovery 1 TTPs 10 IoCs

Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

discovery

System Language Discovery

T1614.001

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	OperaGXSetup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	assistant_installer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	assistant_installer.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	Avoid.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language	setup.exe

Checks SCSI registry key(s) 3 TTPs 6 IoCs

SCSI information is often read in order to detect sandboxing environments.

Query Registry

T1012

Peripheral Device Discovery

T1120

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\Properties\{b725f130-47ef-101a-a5f1-02608c9eebac}\000A	taskmgr.exe
Key value queried	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000\FriendlyName	taskmgr.exe
Key opened	\REGISTRY\MACHINE\SYSTEM\ControlSet001\Enum\SCSI\Disk&Ven_WDC&Prod_WDS100T2B0A\4&215468a5&0&000000	taskmgr.exe

Enumerates system info in registry 2 TTPs 6 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe

Modifies Internet Explorer settings 1 TTPs 2 IoCs

adware spyware

Modify Registry

T1112

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000\Software\Microsoft\Internet Explorer\GPU	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000\SOFTWARE\Microsoft\Internet Explorer\GPU	SearchApp.exe

Modifies data under HKEY_USERS 3 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133679204488484980"	chrome.exe
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe

Modifies registry class 22 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\windows.search	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\MuiCache	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\SOFTWARE\Microsoft\Speech_OneCore\Isolated\ohDO1Sgy3MzgdEgEb4WYfDS4eik = "HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Speech_OneCore\\Recognizers\\Tokens\\MS-1033-110-WINMO-DNN"	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Cookies\CachePrefix = "Cookie:"	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DomStorageState	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\microsoft.windows.search	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total	SearchApp.exe
Key created	\REGISTRY\MACHINE\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppModel\Deployment\Package\*\S-1-5-21-2718105630-359604950-2820636825-1000\{0DF65877-68D6-466A-9ECE-5F85A3BAA443}	ChilledWindows.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\SOFTWARE\Microsoft\Speech_OneCore\Isolated\ohDO1Sgy3MzgdEgEb4WYfDS4eik	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "152"	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search\Total = "23"	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\Content\CachePrefix	SearchApp.exe
Set value (str)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Settings\Cache\History\CachePrefix = "Visited:"	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "56"	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\windows.search\Total = "56"	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\microsoft.windows.search\ = "23"	SearchApp.exe
Key created	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\EdpDomStorage\Total	SearchApp.exe
Set value (int)	\REGISTRY\USER\S-1-5-21-2718105630-359604950-2820636825-1000_Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.windows.search_cw5n1h2txyewy\Internet Explorer\DOMStorage\Total\ = "185"	SearchApp.exe

Modifies system certificate store 2 TTPs 6 IoCs

evasion spyware trojan

Install Root Certificate

T1553.004

Modify Registry

T1112

description	ioc	Process
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 040000000100000010000000d474de575c39b2d39c8583c5c065498a0f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703086200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc30b00000001000000120000004400690067006900430065007200740000001d00000001000000100000008f76b981d528ad4770088245e2031b630300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc25190000000100000010000000ba4f3972e7aed9dccdc210db59da13c92000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25\Blob = 5c000000010000000400000000080000190000000100000010000000ba4f3972e7aed9dccdc210db59da13c90300000001000000140000005fb7ee0633e259dbad0c4c9ae6d38f1a61c7dc251d00000001000000100000008f76b981d528ad4770088245e2031b630b0000000100000012000000440069006700690043006500720074000000140000000100000014000000b13ec36903f8bf4701d498261a0802ef63642bc36200000001000000200000007431e5f4c3c1ce4690774f0b61e05440883ba9a01ed00ba6abd7806ed3b118cf090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f0000000100000014000000e35ef08d884f0a0ade2f75e96301ce6230f213a8040000000100000010000000d474de575c39b2d39c8583c5c065498a2000000001000000c9030000308203c5308202ada003020102021002ac5c266a0b409b8f0b79f2ae462577300d06092a864886f70d0101050500306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f74204341301e170d3036313131303030303030305a170d3331313131303030303030305a306c310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d312b30290603550403132244696769436572742048696768204173737572616e636520455620526f6f7420434130820122300d06092a864886f70d01010105000382010f003082010a0282010100c6cce573e6fbd4bbe52d2d32a6dfe5813fc9cd2549b6712ac3d5943467a20a1cb05f69a640b1c4b7b28fd098a4a941593ad3dc94d63cdb7438a44acc4d2582f74aa5531238eef3496d71917e63b6aba65fc3a484f84f6251bef8c5ecdb3892e306e508910cc4284155fbcb5a89157e71e835bf4d72093dbe3a38505b77311b8db3c724459aa7ac6d00145a04b7ba13eb510a984141224e656187814150a6795c89de194a57d52ee65d1c532c7e98cd1a0616a46873d03404135ca171d35a7c55db5e64e13787305604e511b4298012f1793988a202117c2766b788b778f2ca0aa838ab0a64c2bf665d9584c1a1251e875d1a500b2012cc41bb6e0b5138b84bcb0203010001a3633061300e0603551d0f0101ff040403020186300f0603551d130101ff040530030101ff301d0603551d0e04160414b13ec36903f8bf4701d498261a0802ef63642bc3301f0603551d23041830168014b13ec36903f8bf4701d498261a0802ef63642bc3300d06092a864886f70d010105050003820101001c1a0697dcd79c9f3c886606085721db2147f82a67aabf183276401057c18af37ad911658e35fa9efc45b59ed94c314bb891e8432c8eb378cedbe3537971d6e5219401da55879a2464f68a66ccde9c37cda834b1699b23c89e78222b7043e35547316119ef58c5852f4e30f6a0311623c8e7e2651633cbbf1a1ba03df8ca5e8b318b6008892d0c065c52b7c4f90a98d1155f9f12be7c366338bd44a47fe4262b0ac497690de98ce2c01057b8c876129155f24869d8bc2a025b0f44d42031dbf4ba70265d90609ebc4b17092fb4cb1e4368c90727c1d25cf7ea21b968129c3c9cbf9efc805c9b63cdec47aa252767a037f300827d54d7a9f8e92e13a377e81f4a	setup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 0f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e1996530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c0090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b060105050703080b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac89988140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f1d0000000100000010000000a86dc6a233eb339610f3ed414927c559030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e42000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	setup.exe
Set value (data)	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\DDFB16CD4931C973A2037D3FC83A4D7D775D05E4\Blob = 190000000100000010000000ffac207997bb2cfe865570179ee037b9030000000100000014000000ddfb16cd4931c973a2037d3fc83a4d7d775d05e41d0000000100000010000000a86dc6a233eb339610f3ed414927c559140000000100000014000000ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f620000000100000020000000552f7bdcf1a7af9e6ce672017f4f12abf77240c78e761ac203d1d9d20ac899880b00000001000000320000004400690067006900430065007200740020005400720075007300740065006400200052006f006f0074002000470034000000090000000100000034000000303206082b0601050507030206082b0601050507030306082b0601050507030406082b0601050507030106082b06010505070308530000000100000040000000303e301f06096086480186fd6c020130123010060a2b0601040182373c0101030200c0301b060567810c010330123010060a2b0601040182373c0101030200c00f00000001000000300000004ea1b34b10b982a96a38915843507820ad632c6aad8343e337b34d660cd8366fa154544ae80668ae1fdf3931d57e19962000000001000000940500003082059030820378a0030201020210059b1b579e8e2132e23907bda777755c300d06092a864886f70d01010c05003062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f74204734301e170d3133303830313132303030305a170d3338303131353132303030305a3062310b300906035504061302555331153013060355040a130c446967694365727420496e6331193017060355040b13107777772e64696769636572742e636f6d3121301f060355040313184469676943657274205472757374656420526f6f7420473430820222300d06092a864886f70d01010105000382020f003082020a0282020100bfe6907368debbe45d4a3c3022306933ecc2a7252ec9213df28ad859c2e129a73d58ab769acdae7b1b840dc4301ff31ba43816eb56c6976d1dabb279f2ca11d2e45fd6053c520f521fc69e15a57ebe9fa95716595572af689370c2b2ba75996a733294d11044102edf82f30784e6743b6d71e22d0c1bee20d5c9201d63292dceec5e4ec893f821619b34eb05c65eec5b1abcebc9cfcdac34405fb17a66ee77c848a86657579f54588e0c2bb74fa730d956eeca7b5de3adc94f5ee535e731cbda935edc8e8f80dab69198409079c378c7b6b1c4b56a183803108dd8d437a42e057d88f5823e109170ab55824132d7db04732a6e91017c214cd4bcae1b03755d7866d93a31449a3340bf08d75a49a4c2e6a9a067dda427bca14f39b5115817f7245c468f64f7c169887698763d595d4276878997697a48f0e0a2121b669a74cade4b1ee70e63aee6d4ef92923a9e3ddc00e4452589b69a44192b7ec094b4d2616deb33d9c5df4b0400cc7d1c95c38ff721b2b211b7bb7ff2d58c702c4160aab1631844951a76627ef680b0fbe864a633d18907e1bdb7e643a418b8a67701e10f940c211db2542925896ce50e52514774be26acb64175de7aac5f8d3fc9bcd34111125be51050eb31c5ca72162209df7c4c753f63ec215fc420516b6fb1ab868b4fc2d6455f9d20fca11ec5c08fa2b17e0a2699f5e4692f981d2df5d9a9b21de51b0203010001a3423040300f0603551d130101ff040530030101ff300e0603551d0f0101ff040403020186301d0603551d0e04160414ecd7e382d2715d644cdf2e673fe7ba98ae1c0f4f300d06092a864886f70d01010c05000382020100bb61d97da96cbe17c4911bc3a1a2008de364680f56cf77ae70f9fd9a4a99b9c9785c0c0c5fe4e61429560b36495d4463e0ad9c9618661b230d3d79e96d6bd654f8d23cc14340ae1d50f552fc903bbb9899696bc7c1a7a868a427dc9df927ae3085b9f6674d3a3e8f5939225344ebc85d03caed507a7d62210a80c87366d1a005605fe8a5b4a7afa8f76d359c7c5a8ad6a23899f3788bf44dd2200bde04ee8c9b4781720dc01432ef30592eaee071f256e46a976f92506d968d687a9ab236147a06f224b9091150d708b1b8897a8423614229e5a3cda22041d7d19c64d9ea26a18b14d74c19b25041713d3f4d7023860c4adc81d2cc3294840d0809971c4fc0ee6b207430d2e03934108521150108e85532de7149d92817504de6be4dd175acd0cafb41b843a5aad3c305444f2c369be2fae245b823536c066f67557f46b54c3f6e285a7926d2a4a86297d21ee2ed4a8bbc1bfd474a0ddf67667eb25b41d03be4f43bf40463e9efc2540051a08a2ac9ce78ccd5ea870418b3ceaf4988aff39299b6b3e6610fd28500e7501ae41b959d19a1b99cb19bb1001eefd00f4f426cc90abcee43fa3a71a5c84d26a535fd895dbc85621d32d2a02b54ed9a57c1dbfa10cf19b78b4a1b8f01b6279553e8b6896d5bbc68d423e88b51a256f9f0a680a0d61eb3bc0f0f537529aaea1377e4de8c8121ad07104711ad873d07d175bccff3667e	setup.exe
Key created	\REGISTRY\MACHINE\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates\5FB7EE0633E259DBAD0C4C9AE6D38F1A61C7DC25	setup.exe

Suspicious behavior: EnumeratesProcesses 64 IoCs

pid	Process
2512	chrome.exe
2512	chrome.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
2100	chrome.exe
2100	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
4976	chrome.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe
1020	taskmgr.exe

Suspicious behavior: GetForegroundWindowSpam 2 IoCs

pid	Process
752	DesktopBoom.exe
1020	taskmgr.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 25 IoCs

pid	Process
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe
Token: SeShutdownPrivilege	2512	chrome.exe
Token: SeCreatePagefilePrivilege	2512	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe

Suspicious use of SendNotifyMessage 64 IoCs

pid	Process
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
2512	chrome.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
4212	taskmgr.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe
2100	chrome.exe

Suspicious use of SetWindowsHookEx 3 IoCs

pid	Process
2328	setup.exe
2328	setup.exe
2112	SearchApp.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2512 wrote to memory of 2752	2512	chrome.exe	95
PID 2512 wrote to memory of 2752	2512	chrome.exe	95
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 4064	2512	chrome.exe	96
PID 2512 wrote to memory of 3352	2512	chrome.exe	97
PID 2512 wrote to memory of 3352	2512	chrome.exe	97
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98
PID 2512 wrote to memory of 4164	2512	chrome.exe	98

C:\Windows\system32\cmd.exe
cmd /c "C:\Users\Admin\AppData\Local\Temp\OIP (1).jpg"
1⤵
PID:3892

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2512
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff89ed9cc40,0x7ff89ed9cc4c,0x7ff89ed9cc58
  2⤵
  PID:2752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1924,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1916 /prefetch:2
  2⤵
  PID:4064
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2152,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2184 /prefetch:3
  2⤵
  PID:3352
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2248,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2468 /prefetch:8
  2⤵
  PID:4164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3152,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3172 /prefetch:1
  2⤵
  PID:2664
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3180,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3220 /prefetch:1
  2⤵
  PID:3584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=4464,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4540 /prefetch:1
  2⤵
  PID:5028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --field-trial-handle=4388,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4372 /prefetch:1
  2⤵
  PID:2232
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3424,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4908 /prefetch:8
  2⤵
  PID:3000
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=3216,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4516 /prefetch:8
  2⤵
  PID:4520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3864,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3444 /prefetch:1
  2⤵
  PID:3840
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=4544,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4732 /prefetch:1
  2⤵
  PID:388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=5160,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5164 /prefetch:1
  2⤵
  PID:1448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4808,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3792 /prefetch:8
  2⤵
  PID:2084
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4812,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4580 /prefetch:8
  2⤵
  PID:2028
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5296,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4872 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=3232,i,16904183056971888285,4397998929388619451,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5480 /prefetch:8
  2⤵
  PID:1176
- C:\Users\Admin\Downloads\OperaGXSetup.exe
  "C:\Users\Admin\Downloads\OperaGXSetup.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:4896
- - C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe
    C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe --server-tracking-blob=ZjEyOWQ0OWNhNjA1ZWFjMDI4YjE5Zjk3N2U5MzllMjQ5ZjcwMTFhMjY2M2ZhOWQ2NGVkODc3YmEzNTRlZTlkNDp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6Im9wZXJhX2d4IiwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/dXRtX3NvdXJjZT0lMjhkaXJlY3QlMjkmdXRtX21lZGl1bT1kb2MmdXRtX2NhbXBhaWduPSUyOGRpcmVjdCUyOSZodHRwX3JlZmVycmVyPW1pc3NpbmcmdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkYmZGxfdG9rZW49NjI2NTA3NzUiLCJ0aW1lc3RhbXAiOiIxNzIzNDQ2ODgzLjUxMjUiLCJ1c2VyYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTIzLjAuMC4wIFNhZmFyaS81MzcuMzYiLCJ1dG0iOnsiY2FtcGFpZ24iOiIoZGlyZWN0KSIsImxhc3RwYWdlIjoib3BlcmEuY29tLyIsIm1lZGl1bSI6ImRvYyIsInNpdGUiOiJvcGVyYV9jb20iLCJzb3VyY2UiOiIoZGlyZWN0KSJ9LCJ1dWlkIjoiN2YyYzAwYzItZWFlYS00ZjRkLWEwNzUtYzE1MmRjYTRmZTg2In0=
    3⤵
    - Executes dropped EXE
    - Loads dropped DLL
    - Enumerates connected drives
    - System Location Discovery: System Language Discovery
    - Modifies system certificate store
    - Suspicious use of SetWindowsHookEx
    PID:2328
  - - C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe
      C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=112.0.5197.60 --initial-client-data=0x330,0x334,0x338,0x32c,0x33c,0x74af1b54,0x74af1b60,0x74af1b6c
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:2188
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\setup.exe" --version
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      System Location Discovery: System Language Discovery
      PID:3580
  - - C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe
      "C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe" --backend --install --import-browser-data=0 --enable-stats=1 --enable-installer-stats=1 --consent-given=1 --general-interests=1 --general-location=1 --personalized-content=1 --personalized-ads=1 --vought_browser=0 --launchopera=1 --installfolder="C:\Users\Admin\AppData\Local\Programs\Opera GX" --profile-folder --language=en --singleprofile=0 --copyonly=0 --allusers=0 --setdefaultbrowser=0 --pintotaskbar=1 --pintostartmenu=1 --run-at-startup=1 --server-tracking-data=server_tracking_data --initial-pid=2328 --package-dir-prefix="C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_20240812071452" --session-guid=2d5b0142-10d8-490c-ac46-5652d0e28453 --server-tracking-blob=MThmZDU3MTNlMGQxYTk5OWM2M2JjMDc1YTA3N2VlNzMzYjNmZDM4MGE4Nzg3YzNmMWIxNDc1YzFiMjU4Y2U3Mzp7ImNvdW50cnkiOiJHQiIsImh0dHBfcmVmZXJyZXIiOiJodHRwczovL3d3dy5vcGVyYS5jb20vIiwiaW5zdGFsbGVyX25hbWUiOiJPcGVyYUdYU2V0dXAuZXhlIiwicHJvZHVjdCI6eyJuYW1lIjoib3BlcmFfZ3gifSwicXVlcnkiOiIvb3BlcmFfZ3gvc3RhYmxlL3dpbmRvd3M/dXRtX3NvdXJjZT0lMjhkaXJlY3QlMjkmdXRtX21lZGl1bT1kb2MmdXRtX2NhbXBhaWduPSUyOGRpcmVjdCUyOSZodHRwX3JlZmVycmVyPW1pc3NpbmcmdXRtX3NpdGU9b3BlcmFfY29tJnV0bV9sYXN0cGFnZT1vcGVyYS5jb20lMkYmZGxfdG9rZW49NjI2NTA3NzUiLCJzeXN0ZW0iOnsicGxhdGZvcm0iOnsiYXJjaCI6Ing4Nl82NCIsIm9wc3lzIjoiV2luZG93cyIsIm9wc3lzLXZlcnNpb24iOiIxMCIsInBhY2thZ2UiOiJFWEUifX0sInRpbWVzdGFtcCI6IjE3MjM0NDY4ODMuNTEyNSIsInVzZXJhZ2VudCI6Ik1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS8xMjMuMC4wLjAgU2FmYXJpLzUzNy4zNiIsInV0bSI6eyJjYW1wYWlnbiI6IihkaXJlY3QpIiwibGFzdHBhZ2UiOiJvcGVyYS5jb20vIiwibWVkaXVtIjoiZG9jIiwic2l0ZSI6Im9wZXJhX2NvbSIsInNvdXJjZSI6IihkaXJlY3QpIn0sInV1aWQiOiI3ZjJjMDBjMi1lYWVhLTRmNGQtYTA3NS1jMTUyZGNhNGZlODYifQ== --desktopshortcut=1 --wait-for-package --initial-proc-handle=0809000000000000
      4⤵
      Executes dropped EXE
      Loads dropped DLL
      Enumerates connected drives
      System Location Discovery: System Language Discovery
      PID:1132
    - - C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe
        
        C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe --type=crashpad-handler /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=112.0.5197.60 --initial-client-data=0x320,0x324,0x328,0x2fc,0x32c,0x72361b54,0x72361b60,0x72361b6c
        5⤵
        Executes dropped EXE
        Loads dropped DLL
        System Location Discovery: System Language Discovery
        
        PID:1432
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\assistant\Opera_GX_assistant_73.0.3856.382_Setup.exe_sfx.exe"
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      PID:3272
  - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\assistant\assistant_installer.exe
      "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\assistant\assistant_installer.exe" --version
      4⤵
      Executes dropped EXE
      System Location Discovery: System Language Discovery
      PID:1712
    - - C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\assistant\assistant_installer.exe
        
        "C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\assistant\assistant_installer.exe" --type=crashpad-handler /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports" "--crash-count-file=C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\crash_count.txt" --url=https://crashstats-collector.opera.com/collector/submit --annotation=channel=Stable --annotation=plat=Win32 --annotation=prod=OperaDesktopGX --annotation=ver=73.0.3856.382 --initial-client-data=0x26c,0x270,0x274,0x248,0x278,0x7d4f48,0x7d4f58,0x7d4f64
        5⤵
        Executes dropped EXE
        System Location Discovery: System Language Discovery
        
        PID:1988

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:1520

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:3056

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
PID:4212

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe"
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of SendNotifyMessage
PID:2100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xdc,0x104,0x7ff89ed9cc40,0x7ff89ed9cc4c,0x7ff89ed9cc58
  2⤵
  PID:2976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1916,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=1896 /prefetch:2
  2⤵
  PID:1148
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2160,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=2180 /prefetch:3
  2⤵
  PID:5048
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=2440 /prefetch:8
  2⤵
  PID:4652
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3144,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3168 /prefetch:1
  2⤵
  PID:2924
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3176,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3204 /prefetch:1
  2⤵
  PID:5036
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --field-trial-handle=3704,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=4072 /prefetch:1
  2⤵
  PID:3736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4728,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=4800 /prefetch:8
  2⤵
  PID:1184
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4456,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3800 /prefetch:8
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --field-trial-handle=4832,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5244 /prefetch:1
  2⤵
  PID:4376
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=11 --field-trial-handle=3320,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3192 /prefetch:1
  2⤵
  PID:1128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=12 --field-trial-handle=5164,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3332 /prefetch:1
  2⤵
  PID:4124
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --field-trial-handle=3364,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=4444 /prefetch:1
  2⤵
  PID:2136
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --field-trial-handle=5208,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=4024 /prefetch:1
  2⤵
  PID:2448
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --field-trial-handle=3172,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3400 /prefetch:1
  2⤵
  PID:3276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --field-trial-handle=5300,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5324 /prefetch:1
  2⤵
  PID:3412
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --field-trial-handle=5348,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5032 /prefetch:1
  2⤵
  PID:1648
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --field-trial-handle=216,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=4028 /prefetch:1
  2⤵
  PID:680
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --field-trial-handle=5568,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5560 /prefetch:1
  2⤵
  PID:1388
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --field-trial-handle=3304,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3420 /prefetch:1
  2⤵
  PID:3316
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --field-trial-handle=4616,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5456 /prefetch:1
  2⤵
  PID:1960
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --field-trial-handle=4452,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5288 /prefetch:1
  2⤵
  PID:4964
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=data_decoder.mojom.DataDecoderService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=4792,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=1072 /prefetch:8
  2⤵
  PID:3984
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=4828,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5552 /prefetch:8
  2⤵
  - Drops file in System32 directory
  - Suspicious behavior: EnumeratesProcesses
  PID:4976
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --field-trial-handle=4532,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3212 /prefetch:1
  2⤵
  PID:1268
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=836,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5904 /prefetch:8
  2⤵
  PID:2112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5900,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5400 /prefetch:8
  2⤵
  PID:3684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5792,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=4620 /prefetch:8
  2⤵
  PID:3320
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=6052,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5760 /prefetch:8
  2⤵
  PID:4416
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6084,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3396 /prefetch:8
  2⤵
  PID:2416
- C:\Users\Admin\Downloads\DesktopBoom.exe
  "C:\Users\Admin\Downloads\DesktopBoom.exe"
  2⤵
  - Executes dropped EXE
  - Suspicious behavior: GetForegroundWindowSpam
  PID:752
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6000,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5708 /prefetch:8
  2⤵
  PID:5676
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5988,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=4448 /prefetch:8
  2⤵
  PID:5684
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4036,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3232 /prefetch:8
  2⤵
  PID:5696
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4428,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3368 /prefetch:8
  2⤵
  PID:6084
- C:\Users\Admin\Downloads\Avoid.exe
  "C:\Users\Admin\Downloads\Avoid.exe"
  2⤵
  - Executes dropped EXE
  - System Location Discovery: System Language Discovery
  PID:2336
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4652,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5784 /prefetch:8
  2⤵
  PID:3132
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=352,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=3228 /prefetch:8
  2⤵
  PID:788
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5496,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5536 /prefetch:8
  2⤵
  PID:4128
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5304,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=6008 /prefetch:8
  2⤵
  PID:1424
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=6028,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=5580 /prefetch:8
  2⤵
  PID:5196
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5616,i,10149236582821201915,2203288368788442344,262144 --variations-seed-version=20240811-180142.528000 --mojo-platform-channel-handle=6100 /prefetch:8
  2⤵
  PID:5132
- C:\Users\Admin\Downloads\ChilledWindows.exe
  "C:\Users\Admin\Downloads\ChilledWindows.exe"
  2⤵
  - Executes dropped EXE
  - Enumerates connected drives
  - Modifies registry class
  PID:3564

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"
1⤵
PID:3212

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
1⤵
PID:1272

C:\Windows\system32\taskmgr.exe
"C:\Windows\system32\taskmgr.exe" /4
1⤵
- Suspicious use of NtCreateProcessExOtherParentProcess
- Checks SCSI registry key(s)
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: GetForegroundWindowSpam
PID:1020

C:\Windows\SysWOW64\werfault.exe
werfault.exe /h /shared Global\5a5bc2cb87ba4d07a71d6032e43babae /t 3336 /p 2328
1⤵
PID:3948

C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe
"C:\Windows\SystemApps\Microsoft.Windows.Search_cw5n1h2txyewy\SearchApp.exe" -ServerName:CortanaUI.AppX8z9r6jm96hw4bsbneegw0kyxx296wr9t.mca
1⤵
- Modifies Internet Explorer settings
- Modifies registry class
- Suspicious use of SetWindowsHookEx
PID:2112

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault38010b97h6065h48c3h86a4h5ff70592ee0e
1⤵
PID:4156
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff8a10046f8,0x7ff8a1004708,0x7ff8a1004718
  2⤵
  PID:3924
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2148,3324545296963664793,6709015246411912121,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2164 /prefetch:2
  2⤵
  PID:724
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2148,3324545296963664793,6709015246411912121,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2300 /prefetch:3
  2⤵
  PID:2780
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2148,3324545296963664793,6709015246411912121,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2664 /prefetch:8
  2⤵
  PID:1080

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:4348

C:\Windows\System32\CompPkgSrv.exe
C:\Windows\System32\CompPkgSrv.exe -Embedding
1⤵
PID:936

C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService
1⤵
PID:1132

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault8cc963dah6549h4506h9b2fh54fba625a4e5
1⤵
PID:5044
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x120,0x124,0x128,0xfc,0x12c,0x7ff8a10046f8,0x7ff8a1004708,0x7ff8a1004718
  2⤵
  PID:2168
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2164,2664112773822643530,15828772227026668812,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2184 /prefetch:2
  2⤵
  PID:4024
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2164,2664112773822643530,15828772227026668812,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3
  2⤵
  PID:1080
- C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
  "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2164,2664112773822643530,15828772227026668812,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8
  2⤵
  PID:5100

C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\AUDIODG.EXE 0x490 0x510
1⤵
PID:4320

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

T1112

Subvert Trust Controls

T1553

Install Root Certificate

T1553.004

Credential Access

Unsecured Credentials

T1552

Credentials In Files

T1552.001

Discovery

Browser Information Discovery

T1217

Peripheral Device Discovery

T1120

Query Registry

T1012

System Information Discovery

T1082

System Location Discovery

T1614

System Language Discovery

T1614.001

Lateral Movement

Collection

Data from Local System

T1005

Command and Control

Web Service

T1102

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\D3DSCache\e8010882af4f153f\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

Filesize
4B

MD5
f49655f856acb8884cc0ace29216f511

SHA1
cb0f1f87ec0455ec349aaa950c600475ac7b7b6b

SHA256
7852fce59c67ddf1d6b8b997eaa1adfac004a9f3a91c37295de9223674011fba

SHA512
599e93d25b174524495ed29653052b3590133096404873318f05fd68f4c9a5c9a3b30574551141fbb73d7329d6be342699a17f3ae84554bab784776dfda2d5f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
cf137ad729382b29b1e47bab1c151ef7

SHA1
c1bff88b8fead59f47b49b3d04edfc60d3a9f590

SHA256
497da56b03451a32726f37161b190a358fb2b0f8203c93526cbc59daf77f6088

SHA512
cd5591b4e6890b3b50bfba86065017fa0a072aea5cb70f32aebdd48f54f4edea6035fb9b11be012466fae93bdcd052efec88926fa3f6e5147d6ace88204749bb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

Filesize
649B

MD5
644435a37f5fea7c9a4fce7b4a91b532

SHA1
0ee72b999bb991cced94f29f193eacc2eb43a0fe

SHA256
216e14041514c383162f75a23068975ab8eaaa827a629cd4acc920711a728272

SHA512
6b950ee34266cfec32872b644a8cf88b4ac304dec273c0208a9e255d9b775769e3fa444ba9251e1c6542a39eec58baa5c3008de168eb398a77e3e64e22100d25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_0

Filesize
44KB

MD5
71b78baa500920a05a44bc6300c49a86

SHA1
9928857c7dfddd4aad806f01a70bd6dba82c8ce1

SHA256
8b18b3b24d9b9984af346848ca8f3fe7c8e7441f9f96cc4a373c11de4ccc4218

SHA512
0f0355b237b52109cf4c4fa527855a679078e582be2ad330508e973dec836e4981edf49e3d4d80e9c8d933763b4c059daee5378002172ceadb0162b43843e87d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_1

Filesize
264KB

MD5
cc5f794f11da53f215acac701759f543

SHA1
7364c964c95be3cbacad6c87a0347b8e4f9d101d

SHA256
8c722daf207d9fe9d223dc8ef57d281aed0a2b234ba74923a4c610557febab37

SHA512
380489dc5f1b6dc8c37be47f845e1ebefad2ab9d0b797f773e6a6455acfc7faf04b04be02c5468f635c9332c53dc005b509da51bf327f2b3d91f30501a829aa0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_2

Filesize
1.0MB

MD5
9c563bb6efa4dfa3054ceb902d69fb7f

SHA1
65a58fbeec261e5b1960b5cac5ef128b01c54a51

SHA256
1729f7a8cdd0184982be07fd04bdfd431d9948ee832c1651fbbcdcb1b137553b

SHA512
2cdac862a54cd9ea1c441deadc82e08d0de86161f1f9d5ec51dc848e79dd0f3446cda5ee4a278bc828f6c222e7af56d86002cccac274de2196f5707d5f259166

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\data_3

Filesize
4.0MB

MD5
337b352e82088ba50c4db834528defed

SHA1
d79b90ec1a6dd03914c7260f6d80d8aa9fbccb9f

SHA256
db9405407ebebc1f7a0c6d74c073a2ba404812719e9999dc91bd43ebce07e542

SHA512
6a0c1118d5dfe28796c6e54ac1674a4be56a2e48ae943db1c6c5a18eb147c9c44b9063e02819320febef041872c305d76e5c00dd578f26e2082aac328cf09c16

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000001

Filesize
210KB

MD5
48d2860dd3168b6f06a4f27c6791bcaa

SHA1
f5f803efed91cd45a36c3d6acdffaaf0e863bf8c

SHA256
04d7bf7a6586ef00516bdb3f7b96c65e0b9c6b940f4b145121ed00f6116bbb77

SHA512
172da615b5b97a0c17f80ddd8d7406e278cd26afd1eb45a052cde0cb55b92febe49773b1e02cf9e9adca2f34abbaa6d7b83eaad4e08c828ef4bf26f23b95584e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000002

Filesize
24KB

MD5
c594a826934b9505d591d0f7a7df80b7

SHA1
c04b8637e686f71f3fc46a29a86346ba9b04ae18

SHA256
e664eef3d68ac6336a28be033165d4780e8a5ab28f0d90df1b148ef86babb610

SHA512
04a1dfdb8ee2f5fefa101d5e3ff36e87659fd774e96aa8c5941d3353ccc268a125822cf01533c74839e5f1c54725da9cc437d3d69b88e5bf3f99caccd4d75961

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000003

Filesize
26KB

MD5
f13cd1084d7126caab16fadc82b7e827

SHA1
9d7fe9c33f74b65e958f3948947ea11d7deb0d56

SHA256
5a994adb2026146b9023d4e7132835b48e48453bf94c44ba070c2afc179ec45a

SHA512
7fda1de0bdd6808964040a5342a68243b4a67ddf0df910348d8f4cc97becdee313525b15a320cc34b21a2414ca2a6e79c09f66bb0a5cc086f4454682200f304f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
19KB

MD5
f5df48de453d785308da5b8e8946a58e

SHA1
fb0bd929b125d0b62e1609ec3072df6cd26e724a

SHA256
73e6700705f34bcf790e939cd82c1363cd5b483c77546a026d13bcd5c8e0cb67

SHA512
f1608baaa8d4b2aa1c94e74de2a450f4c207955604972be6f2c9e23de20a5a3bdf05d6e81665fbd1e403c4e4e13354d78aeaa4ca3434abb1d08ceb169c334198

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000005

Filesize
29KB

MD5
11d6a02cb64cdcecc633cad761c6dedb

SHA1
7a9cd7a2423b3a650fe1ffc05d72b1336dec4284

SHA256
8de2322113b2a4cd1d50236a2fcd14ae7510a0d42bf27cc0270a87eeea54832a

SHA512
4c7a404bf34db313a5a5d74f6c63dfa72327008c30fab5264a7bdcaf0ea1569916eced1248549305d2a9ec298194fdb1e5c3872c72d6defed2a383a30868108e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
66KB

MD5
db0df169239903f3d05d70a62124cee7

SHA1
aa99f5b50ea9d3184a1d37ec600c2cef3a0d951f

SHA256
d3244f22cd248b17e23a220b784fc8767ab75d4237f30a563efe2050dc3d708a

SHA512
46068433b2d8e379e6732fa9bad425dc3f4b89ed47e81a1009305ba19de03e8d5f833c98c444f028fa266d5fb63ab6dbf11cd4a61752b9c6c4022935d2dadcf8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

Filesize
135KB

MD5
34d998b1b76e49cd55098b9596f4a06d

SHA1
89ae79d1c147da897edd43ab8fba030711b24de2

SHA256
b187780e0492be65fd50e601a85f3bea3e5edf0e15a8563b0fcd95c66e3e4cab

SHA512
9c734490da2f67609d09e35d271a212f1ab3b5ff8cd0d0b5dcdf6ff3363943be150bb0034ad61fd0e190e0137aa10b727ed31181abb9582831ecc3ccf17dc93b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000008

Filesize
149KB

MD5
5a647a245a5dd27775e8b96f194d1536

SHA1
29f7b2e9b0f6f7103cded844e24b9c0276e1bef9

SHA256
8463e57c3b598ce66e87abdabbfa04ebd0c8e30bf2812d03ade7c2f1d25f67fe

SHA512
c6e869b245f3a15e29d45d07f623d754ab2ea36127a80899547ed472be39d7b7d90659d83dd9305036b84779062941d2a5b72202addbc5c1686922577fe01ed8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
81KB

MD5
869048e32015b6cd10d298c95c642285

SHA1
006b7f8aeaf3221e284188e5a27990a7dba60807

SHA256
9e7ca957cac9312282a92950ff571b8a8302073d0f1b2e7d674a863f683b5532

SHA512
694aca9efc7817732fae3ed9406637799abc3e1cfb8047d2f2b7326646d9cf277f027a6882a58168b5ed4dfa86f0f40360b291aa4649529f9895d80be0cac84f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000a

Filesize
42KB

MD5
80530ba21263b5e0f581b6392aebcf63

SHA1
dd2c36c5be2306b6a66a372fea390a854e1aa1fa

SHA256
6ef50659893f0b984668c684837c2d1c403565f1febccbc1734937407a71f7de

SHA512
740d12f6c6751ed3e9c00dfd5eced413753c69644acdc7f71ca607b28855bf90b397ae249124c0650c332d0a2f1cc5cb50c790d344ed9669e518fe22af9cb10d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000023

Filesize
21KB

MD5
a6d2a865e9f16ea305950181afef4fcf

SHA1
082145d33593f3a47d29c552276c88cf51beae8e

SHA256
2e5d94863281987de0afa1cfd58c86fde38fd3677c695268585161bc2d0448a2

SHA512
6aa871d6b2b0d1af0bda0297d164e2d685bc53f09983e5a4e1205f4eb972a2017323c99c3cc627c3fb01381b66816e570f61d013d3775cddad285ac1b604cdc9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000025

Filesize
37KB

MD5
a2ade5db01e80467e87b512193e46838

SHA1
40b35ee60d5d0388a097f53a1d39261e4e94616d

SHA256
154a7cfc19fb8827601d1f8eda3788b74e2018c96779884b13da73f6b1853a15

SHA512
1c728558e68ed5c0a7d19d8f264ad3e3c83b173b3e3cd5f53f5f3b216ed243a16944dbe6b2159cfe40ee4a3813ca95a834f162073a296b72bbdedc15546be8f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

Filesize
37KB

MD5
93acf02790e375a1148c9490557b3a1d

SHA1
78a367c8a8b672dd66a19eb823631e8990f78b48

SHA256
4f2513f353c2cdd3177e3890f216ea666e4eb99477a56a97ff490f69a9833423

SHA512
e6354f4e4d35e9b936a7ddaebdd6527c37e6248c3f2d450c428903a32d77439cab78020a45834379cf814a79149c3dddf4e1280b9d06a7f972e5f8e61c463d6e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000032

Filesize
23KB

MD5
bc715e42e60059c3ea36cd32bfb6ebc9

SHA1
b8961b23c29b9769100116ba0da44f13a24a3dd4

SHA256
110ccd760150c6ac29c987ee2b8f7c56772036f6fe74ff2fb56c094849912745

SHA512
5c0edd336a6d892f0163aa183e5482313dd86f9f5b2d624b3c4529692d70720f4823808f10ee7870fd9368b24de752b343570419fd244c33ad2d9cc86007bedc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000037

Filesize
17KB

MD5
109a8cceba33695698297e575e56bfad

SHA1
2b8c6dce1ccd21a6eea2dd9aef2a8a6bde389053

SHA256
dd82d9ac034f0a06524fc1d5ef884c29a7e4d586a1e7db66e339dc54fac3636d

SHA512
6d51ed30c45560838df921212370a0044640a8e3c0433922106225cb6fec8cc115ac6191c753da13def21c4e0db4deb5782fb7a75ada822ced1db7c7d13beaf3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000038

Filesize
19KB

MD5
f5b631335f170065edf1b148e10b34d4

SHA1
ca34f82af577fec763ed38f0436d20f1cf766f62

SHA256
99be964ed51ca453ccfaa264a1ea9490da11e32b53765919172b6d3749a9f846

SHA512
c66791cbdc7c0d12e7295eb26eb583b26e03692c8986ab7d5dac0e6a561b8b68a8a9e33814121efc700ff6b472aa4f685162b0c75439b144f12286c9e28c7cc7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000039

Filesize
23KB

MD5
de8c6574e9057e4b6ea7b9437db4b9d5

SHA1
265d520b6a04b434f5c3fc8c28debac183898db2

SHA256
51f281fe367854904b3db4b6f4cd70ccf90414335716482aceef382c536ae746

SHA512
cc8791772d03ee3f4b13654d2bd3354ab1ec28322ae3522187603bde00b1a5d940e99e62dda0fd3a7faf0ba9c3cd42425d0e64196f954bdb93c979f5e990e7dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\4a9cda1121219915_0

Filesize
1KB

MD5
6c5d4ccb5ebf0f8e9c00f29a0d33f6b9

SHA1
3c0aa7fcae485e3140c4461479f9f1c62ea60cab

SHA256
6612c83efc06c50a8415ab74dfd60f8f259bcd2cdbbd9e1ff8fbcd65a4f3131a

SHA512
7229352bf2c61b6183369bed4d2886a0771855091e50c489d75908197f6d1b4088b44b7ff152d17fedaaab6321b4d7685b5f5730827f310304198e1a92dea53d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
216B

MD5
d43ad8d5242b44f486bb51ad60f5e516

SHA1
16e233ae49dbdf1bc745046c1bbc8eacb62fadb2

SHA256
3873142b00f812ae38d909ada78fbbae71289526e1d1fad9c14d73464f77392d

SHA512
aa9f91456c99ae85b157053ee1c4a5b45518b27b4a8b7c87d5c4055cf2c013ad350920d017cd15651f5b0444e1ffe416835aef6ddc7a69db1368b15e215cfe63

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
936B

MD5
d3f235f333425b2cc6e42ab0136f8017

SHA1
35b4d104460a5bd5bb6bdbbf17f08aaa9e531d31

SHA256
c30a29d467a1110f7bf1eaea314bbca8af40af5c9b06ea50c61588aa264b9df4

SHA512
0e65bc8a32f5f8dacd551ef338e202fe216876b774e90040897de8619efb5aab42ea0baafc65fd10eed7aec1c76ac77fe38c26fe380490ebcd6bf5942216403b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
3da188f1fdab863b39dd2423c37f28b3

SHA1
7e5b80467ff9d8cbb7fddcf1fa0e885df2ed483b

SHA256
42c3aa68cd0d820a59a00af1bba20ca01b472c50f6983eecab6fc9df427ac8bf

SHA512
364f57e219699c1478ee075a01755243baee4c5dea56290c39b145c374ef2be531f9c9efc98b1e3be001ed56eb11ae6cee7ac3d6d7ec5a02c1cc487684e99841

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
1244b964db1f308490bc7817728716af

SHA1
08a0aaa45514d28c4ed9239b217925f4f70ad8f3

SHA256
dbdcbd393cd2ae43806051d7da0811ed91fad7263701b9d0af36adb673932f89

SHA512
78724f233a67231d90c4eefd3abcc9d38169404a98dc60481fbe4d902c04fff01f4c61a1af60aca079afca131f8e7cfccc18832442d0c0c1a939aff66606d2c5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
984B

MD5
40ed7e7eafef14b97918ac8c90e11a60

SHA1
6b084f285121b1a142ca57e82d0b3a26e4b605df

SHA256
71bf436d0a3104956dff4fc5fd470348a08bd7946b47842d55f4b12432c50e25

SHA512
53309b26d04edffaab60709b7ae7fe8741e2a207e2e8c058ea54b16af5a1d64c851052dbd5c4c78950f54ad99413be55a04f5551f277968553996211b4249dee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\DawnCache\data_1

Filesize
264KB

MD5
1228b440eda0334ceeff8ba74e7a397a

SHA1
beede2c466ad4d9a1131825a80af150a682de34d

SHA256
d15360b64b114f59eec6b9e63ff0d07578e1ff44daaa874697646521acc6d982

SHA512
fde9289748f5805ce2b4e4a3cef3d6f9f5bfe76f8722dd906cf6089511800d31e6060aa127957fe735af99179b861b366d2f7ba9fae33afeb7007cf317eb9892

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\History

Filesize
160KB

MD5
2b6e2dda2f791ffd435b54159f00a2c9

SHA1
913af512686bc61b0009fe8a4a27eac259d59993

SHA256
055e88ae59f18f7f315759fc61a3eadff99980eb28dbe8220e8813a796bf9389

SHA512
a508b075c4a7b795c88901e41f3a8885153f562ed5bd228457d906730b1f1b9830cbc01b6d67446c01a38bb54a767a718d055b0eb7ed318c48c612485179a1da

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
7KB

MD5
4ccb4cd39ccc71e7d5ca2a7d0f762980

SHA1
6f9062e18381ff800953bfb43447914f87a595d7

SHA256
cf52bd67bcd050c54d4c2701b9e05a4e09cf43df9a3e6213560277d55479936a

SHA512
95b891ed820d399f7ea954fdb45bac133cb23ca3eedf629fb148b2c4e45f5cafc41ed76fcb77d6cde4f833ed90bda9f518bc4d7ff9b29027749ad854b7a345a3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
10KB

MD5
1865af985bec3d653c71e3db8fd307b2

SHA1
1546961773e69f363f02318343a2f7a4e6f3452c

SHA256
dcf6f1874b49ca536e3bd831f9628fbe2f04935e4c20e6e263c6d8fcde1041e0

SHA512
47e0370125e897bbdc9183b82ae57279bed59b2a7cb42686bd837e04ff7bd44cc6248ca3914b1f6c5c36d613198d48515a980da95afaef8f5af5dcb3c0b121e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

Filesize
2B

MD5
d751713988987e9331980363e24189ce

SHA1
97d170e1550eee4afc0af065b78cda302a97674c

SHA256
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

SHA512
b25b294cb4deb69ea00a4c3cf3113904801b6015e5956bd019a8570b1fe1d6040e944ef3cdee16d0a46503ca6e659a25f21cf9ceddc13f352a3c98138c15d6af

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
9092d0373dfbd0983200940fa77ece10

SHA1
b2e9a2753c0b1a33e9e667d115c8cd5e2e93c532

SHA256
f39c705119b0362de33072a1582643aa033d145785431e6e4b1f877ab7fc1cc7

SHA512
a1896c3ab2aea2dd608f6941e7118dffa18219c58d833b38fe61e42051d25f8ae4476d7c8df820ef878ece2e7e3309d5cd5e23e37f0f77ce1139a944ca9fd0e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
eead827e0e6596d3558dd00029e9bc6b

SHA1
895008f845f8b3db58c080dbea784c5e46a3cb5f

SHA256
57ad48e4ca464fd32bc955d8ca36e57f79131be37c61c0aeb0078571244c2341

SHA512
1a83fcafce3767454cb7d732401514c3997c4d36f22dd0b76d3773603fecac97ef32f76353356fc83c4608a7d32aed6aeb110f2d97de296dd6576b38b2f3b51b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
2a469d4af191ce41d2210c0ff9fd8461

SHA1
eb1f28403976542b05f1d4d54ca6bb407b24741b

SHA256
8df6b9a95de445c99183ba7352a71bc54d9c0bf4ddb6508449285788c5d137cf

SHA512
75c34d371ea7e88ea3a0aa725f8601198827a977876c0f02e9af8c7567a7b25644ba467c1b1037a212f5811091ee79b94a522e2444a76dda9dd3c17be9355b24

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
96831e95d362dabf717a9a6c50864a4c

SHA1
d6d358ed9f7deb08906b8f1c1bc2e8247cf6d1f1

SHA256
ab0120537794f60653e52b60359d835445e11ee67481ffbdcd1a825059b26830

SHA512
161f0073d89312f76302750670d9d873f227444a96ab81820b8cd4f127fc6adb74c26a29d25abc45bd1c8771a0ef9e742ca8a535caf418f730477a00066e9066

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
ccc6c49fa35b98179831395ea53af338

SHA1
4f51f1174e16cf78ccc998a140112dd56a946240

SHA256
6bbe8a17b1c467eb911f9c979ac42716d1a1892a37223f3c8bf929750515315f

SHA512
abb1b72c37b0c9f162949fd45bada9d82e5ecf9ea63ee1ec73a78686003af15ecb20b4e91cac3fc98c7f06f2c29de233160884241f083187939df7eedac56c7e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
2ed412d650cec904398ea95076d8cd34

SHA1
0ffd73cefaf01e26150cb589d95e7602ce031705

SHA256
cb5454177c09467fb6aae8cf2bdfac3b53cc9eb9030aa14b2e17dff6ef95cea3

SHA512
74054885b99ff8a91a3bc00af94a8842d4d80ac69b017faca769069fb8ef45e4d23af7924e6f2e47baa4f437ebd936abcc1ec9cf0c4beeadcd7f04d0459c70e4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
356B

MD5
9e38248d18252e4458beb1c6c5a16191

SHA1
114e52058dbf1c344f67625d3c3d9bea5b1ff0e9

SHA256
9ee8eb3cac3db1df19d4f30e4c4e53cad9910de5ececb496669e4f797706ad72

SHA512
7e18977cb8c9bdb17c684e8ddd95332eb75b3bef11ddcc6ba74e165d5d25beb11293f3db7a8a5132c9c50d5a08ec2b855d3379f05a36987ebb5ed195dbfb3b90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
cbb044ee6172f6d6b65d4825fdf87d6e

SHA1
3167e4ddcc6917d900468b05c96a803b03f24c49

SHA256
bf139b369c9ce8688c6b696e1d2666d9edbddf3e89fe1243cfce062e77ebed56

SHA512
09f128cd215dd5cf135198d09b3d931c8d84030cad2e9209907e3a55482232f6685ab9d6436559a69e8c70185b4e1893324fc07190dc95ea126ce3e70a60d2d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
c1b8f9579cc9b4c0190680d693fa164b

SHA1
c43260c530bd4be1803183623d83c1b1afaf5f19

SHA256
856a30c83bb08f68d56fd465486c7a66c0b1e7acc0a98c9e53e3025a9510bef6

SHA512
1d5db04ad40113aeb46ab99ff99be3cb71843cd56458640a205a9e78b2214ca73892d7c7a5e3ad88d3027e1a31363e6a58611892c459bb9ce5365417ac468a41

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
7deb9b0fd90433be48e8caa17ced4fa3

SHA1
dc2cb81414d8330e4d2b72a586e9bd95d2ebb10d

SHA256
3779d9d04c526b29276f41a1c334b97c18be4cc13af0a95efe5df44205eabb84

SHA512
2cc29d55c453e569b5b575c256c162fa0d3d370517c435bb7ec250ca523ebcfd9ab3a086ec69cf99ada5c7023d564656a1e49cccb9001c8bff8498dafc44a950

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
79134fb6d636cfec7e1105842814f57a

SHA1
7e5b034b0e5b3b1e4dded012c280207ea06892be

SHA256
92ed733b1f22a48f9f9ea721bf8a323c8f90fed8323b3dad8aa60fed60554159

SHA512
1a7f81aed526251612649fb8b7d8c2b563446a594f8c3158b8579167d036c355f3a0127f1172df0ca8b9a26c91450d1c14e867e76fd128387fde5ab7e2111aae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
bfb4a61703da0b1ec72628f5882649d6

SHA1
2b6c819aea3175b861738e45ab0fc95238ac4e4c

SHA256
9982b9f35861535343de385f03b38eefc3c93855981581c44e2db8afe8e0f7df

SHA512
aa61464e1696d15ec7dc58cad7934c3f3d033981c7fc09054933aa4f93edda2c61865eb5f3ded008cf8b1a057e798f0b3bb6432ffa88acc665862e9e277e25e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
b78ac7592c9070ccb54abfecfd612b8c

SHA1
8b1243b9c9fa14f15639855017a21421d7f7259d

SHA256
cd3d7ad7ab6631f0b50eeb13c69594f332d8e4791bcdf2a54af8673aca0b998b

SHA512
d2bc6aa5cf02d7a7e5f83a70c2a8830c708b6b229512eec59b63726e35b112334c9d51ff041f3f610aa225238a309b3355a0aca78c1525f03809925c410be58f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
05d7f66a339de31b9b7f51475ce2abca

SHA1
05cb42313381f1bffa0a251c809b9b1133541a82

SHA256
de344447cd44b731bf67510ed62d5cad4fa92de05497b234f26f3b5307c32060

SHA512
8412a055a81d80eb74bbe208eaada2cb466fd070be561b51842bb2e0173782ba8375cc450852835cb4589d61c0ac67f516b330ed3d63c08562d8773de3b709f8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\a990e367-4f18-4c1f-8f3e-02867a047e6b.tmp

Filesize
1KB

MD5
67f584858875e8187afa7cae817088af

SHA1
d7a23a3678a2476c502e5cfadabc71748b5a6370

SHA256
74e6dc80d2d87375badf24ce7da7c8f586b019010231277c22aac35cd83068c0

SHA512
369706663497d8091f7acc25e167c670f2a9c9ee2388b65a9e681b7934e678df6c7a61b6624258f63526f15c523aaf59e15a0b3a45705223b5d8fee98c82df5e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
2ff634bcc934bb0a3398300337ed4ea7

SHA1
8049b62bc4623fd00503aaaf0898623769e93771

SHA256
216328c5ba091d8886931b764bbf571929749833b2911592eb1dd461c3b8159f

SHA512
05652704ffc910931f767d60d02e7d876ef8629dfc8cc5840a15836a985c8541fee6ee50098dbc2e0a761040fc67bca6a4238c5ba6983ffef8690ae2a5d3d28a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
67148ac137a16613b5a9342e27c93823

SHA1
62a9ab98ba9434e41834d6051e46d5440022f176

SHA256
cd05e320717954a5f6fce896c9699a9033b4b776cd75eda5172122e717b6c73a

SHA512
24be812bc654b57f44b16c5ef7a0ec97d8213c924a8efe6ad9c1e4e11212549a85afb6625c342e6fd95375b530f802a00db3e1eacdbd5134a3e737122f6135ad

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
16320e8064cad30507acca1ed01738a1

SHA1
99e137fdcaf524db12716d947c99aac6e900805c

SHA256
29d39123af3c2ee5ffafdb04499d8fea4b1bec86d075237369c267f2efa71e0f

SHA512
73e2e37ce445ba0306db90f62403a24a520b246e731ed3cdd34da813c55b2fb42069eb658964ad952a38b585ac1d89319d48be22c751fdaa04971cf67f0a20de

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
d03fbddc514f9de0545f8a97d752d5e1

SHA1
cbf510ce41ae992bba4a92253d9606a43fb52f1c

SHA256
ed559d642d4f6b5ecb1f69bb45e62591365e8817687b625d5fab01d2ddc95f9b

SHA512
db6934087c85e241161a404b7bb921f8f1ac24f7abe20bd0a15a03531f696c9abe41b6c6075808fdd99859f72713248aff2a770ab762bce5ad58b9a184fffc3b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
538c353cd14522d81c5428801a07e228

SHA1
3cf5826f85928114658313bc499de717bb91aaf0

SHA256
0877683bbde43e8788fa555ef2678d0cbecadd22971aa7309072b0836048ff65

SHA512
d139128a389463215605bb2b81e86c9fb9b6ca0de505ed77294d5579d9aa4cff291ce710f4ad427375afacc8fbc8d0c9abfacb195c29afb2e8f79df58387797b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
824cd77eaf37904af6c089ee4528b49a

SHA1
706004fae27e9a4ad26c8f746eff8024f164efda

SHA256
829b8f5f79eb3be657cb8a63e41665fc27d59b3366f6144f1f79bb3ca5ceabdd

SHA512
c9b338e1dabe601bbe102e1a209e537a8666da242879a9ed029ba8634d01e607e64d033f7776da7aa03cbb251965166ca8812769e61133bcaf67350cfab0a86f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
69f9e2f285583548fde8836d28507d6b

SHA1
1b89fe559897385c083dd0e4f39913ce85ceea2f

SHA256
8c24d457e8e215180716ae42b24a3d6f6f4350e827b51e456dbc46bcbe5c9115

SHA512
2699d3a3ce2f3db0f7e71c87a7f165ed05942280c134a66b427921a33ee6560da6230ff059136d2b08e099f7e05cbfc1c5ad8d822e84b13dae7b8224d4583225

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6c8b0544f2a252395bcef270503ebb43

SHA1
3c5fd7b2adcec0293ea4d9896ec89ff5e29f2c57

SHA256
263ee48382da1c06b0f26e213f440dd9c590b27c72964ebbe694e32db239ed4a

SHA512
0606132955cf73827af5d358e8974bd7f47aa94893b5f020e910c844501191d753be677c1cd940a781b16690198052347a3426dea156504a9eef35b6d6b7e4ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
88f619b75326405fc1cd8be1c80cba02

SHA1
a9ee7acc67fa6ad90d36e6c3325c304ecdbf4489

SHA256
ed0a35fb66c847bebb1a144a0365a1437f0381a0b4434a0cb52bab0b9f36e1ae

SHA512
6ec85d88f693db635fe06829e6e8e3142cd95b7efa1bc24c8a6dc949a077b4cf5eb245263e742833dce519a684f7bb9ff37082fe75c0c0252f549dfd7251efc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
3f70066d37b81d13ba6a38e360deee73

SHA1
f4105371877b439fd95d6ab5c541f276e4cec9e9

SHA256
e45863291c79fe9ea560e95be2044910e0aa8d16769b5b9104b58936d7ab927d

SHA512
3817b22523253248b572ae51954dff2b33d129ae74cb5e97f2ac85fe46cc5d45fdc913ad7d66f0d0aee2407e0ded207a8e3d646028e46b716fbaad9017f1fed5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6bd17efe3ebe6aede6e0f2d95ae07aee

SHA1
2e43c6803996660271ae88f8a04cef6ee58a449f

SHA256
912828a41ce161fe70246892becc112c06268ded23db546e753973adbfa3608d

SHA512
bc4733b4e3153db22209b289f3a36825f46ecaa275253f6e664d7526b38f88ae373ddea32be4599ecf08ac85c69eb1ad8ee56a9b26ff51a62e5657e975210559

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
31af3e0771d957593fcd7f4bdd83f2b9

SHA1
e9d8a5f337ba6381be08f66b23435fe63567b101

SHA256
c53e1040ba84d1bb6ff07490fb9a4f7117e791a756275dae115f8ec30478b43e

SHA512
e2b8b512f2afcd6e630af3d8be49d5a6d52ca23700f23bd9c94e7538deb8e018e2d603145b31d34dd9005b8f2a1ba2979432ecbc39f7e629780bd4a09b1a38ff

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
ec41eb42d9c437e9a9a20912f4c3d97e

SHA1
e891ad3907493768aa53c0f8767a7bc5419bba3a

SHA256
d4e50b675fd66a6e75ed8c9f41d7239b3248d38ab7a941cb649a63659b465f31

SHA512
8d76e3ee43f11a3af7ffd71e06538a4569ba23f9fcd212d182870a226c9a7d2494c6c7889b9b8217eb1633f4caf2560b99d23be9b377b46f8f659a2657af072f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
50af4dad01bb795857d6cc2ea55b4445

SHA1
3efe2bf5453f6720837b6af4898cced719d30996

SHA256
b27fa860aee9e701ff05f8274dbc1af8d832f075cd6b5d1cff355b7bcd3a5a8d

SHA512
2fd42bcca37e7cfa197c5e906bd2e547d05318fbc94a18ac1cc71a6bd0dc9f013b9737d36a459aaef41c0a363f27fee70ab730a33048557f23818cda470d761b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
31f993014774eac61666ca9a8fb0c73f

SHA1
7e0b69f57b4232be5ed18702790784f89001eccb

SHA256
d8dc0dd0d11afc1b07f6cccb7f5d6ded07da62092601d65533f7af8167d3eca7

SHA512
cf88600bc03023a0417acae942f2da815bedbe785d358624618287d956aa26820f6831864593a361141b68feaa74f899e4b0b914a2f12eae0572b66fbca21901

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
9KB

MD5
65ac23de9478c298b110982eb1de55cf

SHA1
735162be9683c0b648117d89ae6e1de0fe0dc269

SHA256
2b22a9885c5645a5db411d8b4c113e3163bbdd4cd768f0c211e34202b7130849

SHA512
8bd9de90f8f23fb98db1153b4e3134e8f77334ffc73ae81f9179e3def9e554d977dca8603bf2a3b14475a8e721d158d6b0ecb61d690edfe75d452efef5d0d323

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
393ad008027cf690257bc1c36b0d7549

SHA1
648091743c765b40ffb554e6e1b10ef68e30b516

SHA256
20e31c15c8602d9d479bda073570dac8dd4ba4594db2bd9ebfedf0b6cad30280

SHA512
bacd4dadb3ef4c813275e89dc6f24669e3e9d700d6b7d48657d3aaa84f682a9393631be4daf0f1fa734ebddd154505849b6ed44499b9a75add79c8e6b78b219e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
2e39b04cb773f75b84935dadd3071b52

SHA1
746ee7ae47cd8d284efa857fa76f69879c1862f1

SHA256
a767c972e58f9434ed6e363f97d25bffd8e607fdd1169f61aa94ed6913974ead

SHA512
937722c3542938713ac6ad490593bb3da419e7c4f39d5c12a96211aa51bd52ac36b3520d2610f064731e7dcd3d98a4b2992640b38bc8c02afcf427e7cc2338d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
747cd0541f83288a60614051c871d706

SHA1
73816ad0c4c3e87e5d511cf9ddeac51155508eb7

SHA256
04a48a9615aeb95056ad36fc7179d751dc00ff9d1010f96c082e3d8a7038692b

SHA512
3504337ac8168a847e8f74b8a04e6d05e1c9eed99b43424021781b62d43c012b218977f4da72db285696c810aab9b695d2cc39fe5dc9137c105139cdabdb957c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
ffd50f1b342d06ffe8d6b306f1929da9

SHA1
159276b0a0d87abc2968144eb0bff9bcd9784ebd

SHA256
85e4ca8f761e182f1231591be0a63d4c535fdf805921167be4ba247a20cfa049

SHA512
df3cda691da58922e12fdc5bbc7e6cf9bac283f3471a3b872022be654d92c68db62d16a4c6e0b591aad1532acfdd3ed3a01a22b0ab590928a57cf9be12b6728a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e26afa8a2ab28e2347cc467de702e894

SHA1
adda98abfa747c1568f17fc8d27c7b6233e322a3

SHA256
da430dd9a94a83fc7cea88aad135744b06f47a1d89661d47e0826c5889eec848

SHA512
c924bc0d859c231bcf10c9dc989da5efc1803abd24098c1a86a3873f2c869e05986d07ef01d746ddaeb8a6bae2ac0ec784350cff2d62ed0634bcf4ec4b8df25d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
dc615cbbab9f9fad368d15eba00925d7

SHA1
27f71e147eaf78dcf9d126a8a81a42f4119357ca

SHA256
1e2b9c7b7c1af9ce7f574e360f629ddaf22a2f2883b65b94f73d6e87e9e3f8b9

SHA512
d09df148ef2d978651c6f647ae23592e98fd3ee1ed92fc2055fd1a158fee47e74483542f92235b11e42e707b465ae14d0eb7c2876c41f1cefbdf828d1f7fd5e3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
60ddc98dad6dd9e590895ae64f82ff2e

SHA1
5e0411c46b809503835196f966b89049755b3b71

SHA256
026c110f5492014784f2ed6c576b7c19dd337f723d8be54d3eba9f6d13b08757

SHA512
fbc400c26a46b669af3c2d9553ef0c8c48906a1490521dac9ad4dcf42eb4f65777d81435671da9aac29f8c3aab2e19ad06f93262971057e9fe315b7608a1d462

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
3be3f3ea5396b17dec1bde3d2e390d1e

SHA1
6868a2b851226ad78ce6d76490826d448a89ab22

SHA256
dd490acb56b389c5f2c9dd48f387db152af80013266efa5dc98a66d7b0f9e58b

SHA512
4c8863e5b4e68c952082137f9068c5cb1222b2c9636fc1d6fd7b554cc29e98dacbf8f299af0605591d60eb65f643dbbf709fbe870b67672b13562060efabf858

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
86ab1cf86d9a9706bdd2081c0f584215

SHA1
ac8994930fa57538d4a3f7ec85bc8c5882b03994

SHA256
a29d6d23229cc6813b76eda4579b7e119b38405da76303399044f0349fc9005b

SHA512
36ad9f081ee8d8ca8e78f7f9c361a78d31c26de2837e109d356183de2c55816d34f8f33ee1e0b159d231c5942d2dba002c2e7f74cd37a1eae64dfb07f4f763b5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
fcaf8298d252b5b926996bf99b4b8296

SHA1
a5f8d69d80900fbc419c8158e035ea5f5577921e

SHA256
0cc083b7c6e41732f28fd36209c5ccc1f525e959f51d323f2b3e143e89e5b1c0

SHA512
31a85fe542e3c7bd2e4cbad274f6583f9136de1ef0204d971bf28c3d36b633b5ccf97dbb9cc0063e0e3b168fb316870344f22dc842d2ea4d31b8ddeab70bc369

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
830e991ce1e88daa5da6e43a814c202b

SHA1
1cec5a8d106a2cec0fd8e11a88e2c9c14960cef9

SHA256
4440c17afcf6f701bec755f5544288277ff1f3558f8179d5319946fa1190fc97

SHA512
ecc7bb41c7a39584d7d02c177649694985fb6bc1a184743ba339f955b01ec9049b84461c05ba1d7b38b30432da241ec5003646ae051e7cd0d2e19c1d537f2d21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
cad5c17acb6e06a30a10b049cf5fa88b

SHA1
4fd9e79211c3f8772e8a4dc6380beb86050b5afa

SHA256
7d5bc11323bf655f158ad892449bf28e80b406a57b3f3ac93dc13293a6be7bf2

SHA512
8491f94ad94be1a5858deca06e8f35703a960fed88af7aa2d935352656f787fb360ddbad6f667bd475d16628239a5b551b0ff3b3bf813e7f62ddaa27f6277239

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
895dc5ce1e85fda0c2b3aa17c6072eb6

SHA1
02d7e611ffb4eab56bfe9b221de4cb05a6082cf0

SHA256
8409dbf6d0fe38edd7adfb9c739f2b9d0f5bc6ea25a567fdb574f81e9d8a368f

SHA512
dd5d7712322020a1d11fc3595131a7364ff30c22e19d47bd483333c21de96cbb8d6be63e474e1fd1b799472ea0794d5a8371097b351d4767e824e81fa3fdbdb3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
605c8e7580eb5d26f9b4933d9dfc8774

SHA1
34ea1e17a994b96f34a293cf1aee2c5851f6a6e5

SHA256
44d48f54860199808b9dd0c95f0104bae9fdded1e217b797782ca047c22cba78

SHA512
a6e19be2bb4f6c5d7fb31d19b7c587681a96d57aae51312d15b520f7b5b3b9ecf817cdea18700524a52a3fa671c4163f60b9fff64a17b8f99384110e1c194873

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
882a7b08d42ab3f4d23916cf973d0617

SHA1
891d1566ea97640af0e68d85617da163598213a5

SHA256
d6a491ee6f8cb5a8b6db7101dbbf13f6257f637f20522f86614b3d6fabb2d49a

SHA512
964d5cba4695129569eba445ef9daee20dd6d0cc011118883737bf65967898ec21f2666b881a63ab2119b6d0a11bf3ff8364b119982e56989488947506b32ac5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
af3655a5b885da16ff52ca1ebd014b7f

SHA1
73e8c33da641ca00b0392a8b01cad281f418490b

SHA256
968b2218b2f8dd41b7e06c447350945480030b67b4f5f3943828d56004e558be

SHA512
c2097b672eedb4730c23928f101a282b73525e445d0475705c4fb50befd7cb0e913e24e8b03e5cd696a0e15ae8c8c0eb2caadb7bba892bc066c4b22cc7175dbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
474f595c6b6d7c8c2e8e79d9218d4b82

SHA1
08666c11f3c7fb1672fd585b861142169ad5c983

SHA256
72273a9b239f37abf72a727da00a182d804ccca2424fbd26b2ad914993014a21

SHA512
5655cb9d8900c96950082e03b582aa24d46b973cedfc892ff6e8355903abd6341a7bcddb8183c86b6944f2e906ecc725f92a155020427650f3d2d4e4e1f212cd

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
67dde277abfd0c5d8e07dbd89e0db1fe

SHA1
69ddd045a75e68c0d5d4afb3da9468cdb299483e

SHA256
360528d006e3156e00382f1dec26794fa98e7995eb0f5f036756d6161d1a4bf7

SHA512
51e46320b78a3b3b2668c7b1bd6e2b3438bf8de859ec3dde663dfdba9a40d203b5a7d51f8773bf442db96720698aeb4cd23baa40297688f041228e9d238bfd15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
446f49346b84a729d7a8ba90190b3c11

SHA1
c276713cf8a045a9af512b92d27f69cd330ef5ff

SHA256
f9d6342f6a0a12e4eee761268cc59a4c2a5adb1dd19b9fde7058a4f6c379a517

SHA512
f527aa9f89741f82882ec90eb2156264743c6e2ab9159a15179253cfc976deceb1b657b7ce0d54f6c993bb805578694fa9672b29126f1f9b2d7df7ba29464e3a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
0cfe7b7db461eb496a301ad48c73e43b

SHA1
88139d022d7291e7cc2f8ec742f5217432dc1580

SHA256
f2f2afa3d11f2fd04cf70fa2d82efaaea4e3c6b6913a0544639289f3946cfa1d

SHA512
56a588dd753b5edb6b0c6844a333f28cbe74bfd2b8d75482d66eaacd2b0689de7c825dec1275c2855762015ff3dec9b17d60bd69cb8d645342772e25c3b7752a

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e0e9889ef0fba27d23b638adc304dbda

SHA1
8181c949d8f1879954d6c7848db68a06fd40ec61

SHA256
49df5e89f7cc37c315d478a04cea2816750c1050185229ef30af4903c3fb9135

SHA512
7c7fc1f7767c6e947740c65eff42e409882da0cffa0b8e13c86435bb2bf084156c7688274386bc1b4ab44d6c0d2e52f0d902f8be62af48958698f204362832ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b440dccae68ceb44d3682ac063652c8c

SHA1
8b0c7f50e28ebef63893579befe47e466d38560e

SHA256
9d567a93e83522a664a72eaaafdf40305ed06ba8dc8be94cabff15c40ce12297

SHA512
af3f6bc1f43f4965730bbcc15f025174c14f6c4aa079a4197c05fe1709ae0df322bc0051936dd260f2480bf72877e3cc78e79564a02630acab0eec5f52f0cdbe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
38e62ee333ace976644fdf3247ca8b86

SHA1
99a6d7f4cf13c7ea33b6034d42d5938afc0fee69

SHA256
7c64777f6d34d70a82f54bda93799320fea4233fdf2e32f59f40dfe2785a4d54

SHA512
02958093efb339986410cd7d69b4288aa285fb2908181a2b91485560dfa6335c7e0624e63ea9ce3359e041ba081a961c7de35f5dd8482fc1528976b646b14ee3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
4736449551763bd25f3fd4fbc0e1ed7c

SHA1
f60d361e0b65a67a573a95a38323103a6251b8ba

SHA256
e66df50931cec61735016bae9919bca4737f3f94a0a6ac128bd754a2b18aa315

SHA512
9dafdcb933353619c45cb1cb75777b7f61474a7c16086c05f059f6992e4a53f735b6d03048b5b861fe382d2c0b825dde2acae0f800a92efedc5d9ffe6bac82ac

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
72fe0ecf426c05c05980f86321fcbd66

SHA1
98da9155d559ad81dbabafb544a999bcf975947b

SHA256
2d5fff717f181bd7510ed237b9905f9394c0da75a822826e347bb974aa0fa319

SHA512
6c3785f9726de4a820f6eb1fdfab0ae9b04c8e2ff6e4b3b857ee5b4c83cd8f6cf67a7518f9d4f94b3825f4ef72f3768e1b24f3f1effd7267e4d20894bd483576

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
11KB

MD5
d386b2bd9c5c7fdf5aa599eca89e861f

SHA1
25ed863cac5cae06b99cdf9fd158d64ebdcf4004

SHA256
8e5f3adacf37142f7ea697d6d2a9b2317dbe568b1a8f20a04aea5fb89827a6eb

SHA512
3c2ac7088356f906dc577fe00799b7832d3227e467f10e8f14c1951215cb3b248cbe07909c011f0247b500d69a33ca60fd2d502145a4cadce541a1273b06dcd0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
79508be4aa4725a4394dc1d285d4b459

SHA1
391da5c9ed114481fd2840106ae981e6ffc41fe5

SHA256
3a1570f25c00e747a6675ea3b99ed8c3dcd11d2f3e5f522094dc42b5aaae6c01

SHA512
b61340bd26c19cdb46b2ce5bdfefd57b9a25b1283bea5c6daf58f1bdd6165f1fc0186062aba4064b3a6e2c07def7afb0b65e5257b5a3bc79d9bacb0a7ead7402

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b94bd30867128c5b1a3fe9c36ed9113d

SHA1
251567e50e249e9073f2d4ce9ad245a0089ddfa1

SHA256
33d1ee92412920fb8dad07d7b60069ed5692631bd084d0500d44876f922fecb2

SHA512
a92840da27be1eafeb4f57326ba8760c723f1e6fe30fcbce05ba8f4673ec0947922b059d6efc0a773a9da75ada677eca2bea4b2efc50c1efa7b3d0e8364370f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
c636ca8af978978c94f27b0ee52ec441

SHA1
e7460e418c9191fba409552da534b30c8a029341

SHA256
8fd08d57a2fb934c078605c0c074eddb5ce04f33d0bcfe6745d3567004a909c0

SHA512
c32cff0a222792aaa4113d6c42e5cc8b7faecacf2889c68bdbe83d84974fb2697453c446d8628889916c57673169b1922d6e067f838444888744398256e3890f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
43e96926053a9c5a2a0f5c54111cdcab

SHA1
079ee82e3613a03ef1c59f1c5514e5e84e7451dd

SHA256
6779b94ffd152a6fba8ddfe477916de524e1a83b8ad4947549f1b90414eaf896

SHA512
015ecb5ebd49713a6718a3169aec015e7e770b2858fbe0307dde70691e01d15426cd025c653737d48a635d54d92473bad433239fd8f87029677f4ab67e750b12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
a0d419e5d966deea539433aa14946ffd

SHA1
da0467fbc048b1bedcd14c9d70f3cee474e30221

SHA256
fdd62a609f49140d64186803afe47e3b34340ec1fa269a366c19e7fad4033da6

SHA512
1d267bceb33c4141d2127e809b546df60dc6f56277b4a0346fc56863a26326970d5e0f252787646a2219dd6d046d68d86d6ae69bb7861eb0f5b4910aca91f30d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
e9290cb3f30d6cb67ba91bc87b8f0b03

SHA1
3a6f79863bf034294a7e9c2b3d4d94fa51371067

SHA256
b9011f104e3ef0fcd41e8d073585c69ada18dc07d777cf56a729c04b993ac755

SHA512
4c0ba2b1d235abceb37c7c7b1531ba37e158a66abb433e1d3083af3c9634ba45c552853a0d3845d4415267b0c10f8e22e29d8c9d26708e37ffebaab5fac03bc4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
362aee1aa8336cd4ed3acd5f21c98c10

SHA1
2a7c540ad73b238f811988729c9518851eaf392d

SHA256
d079d0ea9fdf272644847684784edeec7193685536fa5ee81b91bfbde0e0adb9

SHA512
f14f324d2811e946e3215f8e94d8b59afde7056e26c22b47f2ba476adb74937cff6d306aa456f1462c07b97e8a51c1451647de90d4038f5b8d67ccd572596f4d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
05223a707ee6726ead1e2d0a86dfe904

SHA1
bca1f5ac4e92ab753969aa313ba45ce8d2b988d7

SHA256
2e5b88dc7d3512ee7d3bce40d8d08be13025bc11d1cc2e4f0a00693a8ee8fb41

SHA512
252dc93adb767b565f2b7119fb90f8687bb1b3fbfb41515b51a69abfddf94dc0e0b07f5e2b2e0cae0282ef81b1be750230861892db892444a2c523ad563d3076

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
17e5e61bacd915cc87b5af02a2f38c29

SHA1
650f1cffa4c05dc12ea3799e1388181efeec1b26

SHA256
565c0d8cc3ddadac6a0751218caf44a418cdb0ced1b44bf2c50261f5dc920731

SHA512
409d6ce7a57b82b9221cc82c35de9757be850d37406246e9979564e5bae5c8bb5d7dd128242457e1fd31ca343125816da88269dcbd81fa8001369af5491b69a9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
0f026006c4530b178f33ccb71cb5dacf

SHA1
ebcfd73aa981934899f3b9fcc904e01cfd038d4b

SHA256
9b0ffa12271c48865960fb7406f20e0612e57ee0a4eabcc3b469294873d365a7

SHA512
4c0c0b565a975d91d126e1cd0e95c88d88dcbb71440f3bdeba3f050682c0ba209b545a2602497b7908725dfc30493e4c997e57540ff9815abf5124676a3a196e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
e59209f4ccc184574aab2f15da8146b5

SHA1
b61007f949f2abbb04efd9c4f31d146b44df1665

SHA256
c7e195af6f93a23d2433595b2d592bcdcf6def6f137c6e4693356a9a442976f3

SHA512
df2bc14c5b935bf2e77f6bf1c2b5e469d6b21402d8dba442e6cc05b752ef4c4fbe92a9a61d642fb63a408105425ed1052c34cb7687a452b1c964673535f86db0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
10KB

MD5
f9f4706bf43ea7c1c49b1ac2b39fd933

SHA1
ade730ee34bb7a4ed822b8fec25dcb6a52520f69

SHA256
02ffed2a1204870bdc0d4575db4fcfd96cc362b179c593561a20a27a25b1d3ec

SHA512
230db90f85aee1988957c2e72249a123cc2c19f67649744dd3281cc89e9d5950c8fcbec1fd5d307c027497d7fb6b41f0cae11bac5e1582fcc58da6b67fd6377b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
cd2548bd01b5aa20ec67d6fe36170464

SHA1
84c9c9744656219f695108f2beb679111d6c5df2

SHA256
32ca2db244cc9316b46b7672d20943be1336df45e20d50788228fec59df2d109

SHA512
c9d5a1d73005851fd572ce48391915395ab40aede40678fa8486f9489a68106c3da7d90dc4ce53e6aae11e5f870f5c6e7d829344f4b4a5f3f116b283ae204b5b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
fe2dbcfd1977fa692c861a95190b5477

SHA1
4fe8d6bbd4fe2c947e3304ec61be6efd42401e71

SHA256
1bcdd693171055260257407c9b420a71d4f602ce4a4baaa852a41a714bbf6e98

SHA512
3b24d8531b4de9dbf35e98c450391e5a44faff5dafb3666794cbad93f4b42b380b7f87be93d7502823b5ecb0ea3d545897a7355e834c8543418bad0c9feca8f0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
ad3210a0aaf5ab6c2a8c929ac35c6481

SHA1
df6f352822113d3bb9bc3349c8f88b3e9e29d398

SHA256
97beee50482f74548785cd6a5ef3514497b0162aff7a5ecb31083b3ea488615c

SHA512
2ab49bbaa5439637078a7e4ef9ce7a35930df239b0bd3b40b4a111d79added81d572247a0c1ab5c2785c0061357ceb02911bd3dc908d10e20a4933d849f00170

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
c4ad0ceb9f3b43d080589330355a5c9c

SHA1
018556d7e13873c64dfd80be4f272fa6506d528b

SHA256
b4a200b0bc9ca744059c2d73a5f8de7e25608d62caca97f5c142347e920b1eae

SHA512
d9b2bb732a37f4f37316e7a51e9ea9c1f8d2777f57a38ea2930ad72d81c8d97fe4a6ca66b559104b5556655500fc569db6060f8c40d8dfe6751cc2be9b4970ce

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
0133ae049eb7986b0cc652ae5ec4ec4d

SHA1
f168e9ec71e66614a2c36a7fa1ba42647045096a

SHA256
d0b87581c80b78d4c38645cabd85150e39da0ff030c02937b92597edd16bb73a

SHA512
da1688977fa70c58d35f71dac05c433e237e2aa6eae648e759eea0fcbc0b4fc2ceb49ede3536c580402b4de8e7a2aaccac89d823eeee382654f01fb47b1a7a99

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
85bdf66f256175a0537ca50112e71e2b

SHA1
8fc5f253ea6a64aee5ddad4939340bc23039e32c

SHA256
c340aa5ab97b847e1787aabd4ce8ea0eb02e980be456cfa9425ff35f47990c00

SHA512
8ff901b894b26b5f25756ec180490528f5920ce7b6286c2b23ebe7310065e6bb11af148d4c398292ed67ffa96b63b8d3a79994d4537510f6b096640ca4395ce6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
2379edf8fe4c30ba1ec1f78b0e76775f

SHA1
991750d14e4e95ef1fcc5d1506249c9f10733154

SHA256
7ad23d9daeb46bdcdc5461f56503fe610c546e1d9aa8624f90e521f3755ca685

SHA512
f5d252bd9bb97d7ab4c118fe4d20fa6c1469a8ce911f7fc2569dd3e1ebe5d29c6161c3d55720cb2b52661843d9ec57b72f28a689053192e4093d790fb4ba1234

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
44ab56cd2904bbcaf2b52757267e6066

SHA1
1f3321e3e574704fb8494dd6f181f1aa631fa721

SHA256
520705b7d87acfbf642e4251fc6eb51722ae26a35797f50c6da0380d3c132136

SHA512
45cc6858d986840258d45b51e7fbb12a5798aee9ca55112bf2f37c2264f7de70daf77e7fd50c9b3a7276f5f338437fadc5b203d3d7124ea300a64d29df46eb67

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
64dc9ac427d5934ad6c1de3804888b8f

SHA1
9cb384cd4aba22b17f8364b970e630d4f72ca7aa

SHA256
0f20fa2e7017f5e465df69b58056749fecff77225cf2c2bb0ae6177e4f5c01aa

SHA512
f548c7b3e6b0623169cb79dfc269b2af64ef9a3b095fbbcd0aa0e59f05a6600d861cc371c46500179820d4fdd3412fd8da735bf26e37463cd08ec1f4a5e4b349

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
5d7d7af77edf5b29278ffb91c8c54957

SHA1
fc6c0f4ea3ed0b15fe20d517cbf06a050e3fb16d

SHA256
4f5f344f90981f8893e909f5e1e04aa7ccd08c98437a62f7787ea2a901b431e5

SHA512
beaf95042e551917197bf7d3678705b3e17f564aa8abacf3f7c0f83fa443b425ef0bd9f6db04d5fdd1d3ef1429e2d5d96a941c94b5782b26f8ff5cb1215ee82f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
47051b3b6123a8cf4806013556902373

SHA1
86b79a5244506880371c0d0b4c8b1e884333c721

SHA256
556379f0555362b08c1edd14adcd95e0463e6560c508e0e969896b67a21ee31c

SHA512
83d0c0f8ea2a36d529bf9c200152225dabd6f416761a23f866366b92a218277fe8509454f008a480db68be99bdcbc38c0b8455cea86c0e552c1c6f607d4fe50f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
b98712479ddfab385250a0edd917aae8

SHA1
6082af7f0c2a657e36f1735ba97b7add59b393d2

SHA256
b61d99c29a705539408033ffde99ec202ce36a3c061cecd6b5c1c752e48f01e2

SHA512
f0aaf4c443b30e82464a78d06a196ce474b34d486836cc9ab9809421e67815ac37e704f2ec89e1f6a09c4f1dc57c41e99d06b09170279568f87e8158da14de25

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
f47195a547fea2eaf874b4e6aed9fd02

SHA1
f557c82ea20165d6be7f2d063c855c3643203320

SHA256
46593cbe15d5716ced598b85bba66726a3e951ae44836559aa0489d38b7afc1f

SHA512
9a74626d5d0bcf7bba5bbee1c84b5c2e73d5e98cfe7b6e644d01cf02a87b5bcd5a53ba9484812cf3786a3233c0b90ca4eb38cc1752dace91179c90ed20eb0ce9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
9ec2df3494259f7a12325263dc083952

SHA1
996457e775f368bd08bda4b19eb40004d5c223bc

SHA256
320c41e267c67ee0942458ba387c2b09bddce688417fc4c10a96db150fa3ebca

SHA512
e0581e877545f0dd02d22f08a717aaa65863f4c248d3edfebc49845b6a4659bb4bbccce0d474825d0a067dcc1c46341e1c6b6db4e5c52d29fcaf01fc7b9629d8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
060831705bfae9e9a052b44d359597e7

SHA1
8677d4ec95552a1e9b7f68c3123088bd40eabb93

SHA256
8b8968f4a0c12f8c0a16362b66635ba46764595a4faf9e44a84b2b39e5404116

SHA512
2ebeb8ef9b4f52070336336fde74c7a0225935675cac300c58869ebc9c128a7c44b26c631b363b8ab42b95e29e4dbe6b33e91cdc9b1a6b1df1da7153b187d11b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
da3acaa41e8a182e81723a2db02bc667

SHA1
09b41451f28a03ffe041cd1e9bbe05b9ef6963d2

SHA256
ffd40bb965172c23e45436e545611d310017c4af42c9e7eb5b4e37d01d695f16

SHA512
5cd7c23df3cd9a500b35a0c01e1a368e63c953c4a2a82569d0fe637a67e9bdc846b4a965d7fdf2b6cddbf8467cb6563a748867aaebe49f96d7d063dc064f1bfe

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
5bfef8198754dd20c74671bd64abb8cc

SHA1
01e604bffde625a74a250f6c1a25ea93e06b936f

SHA256
f53231f3eef5cd01bbc27276bb0c1dbd012a8b61ecd8f678d8a7fd0b840715da

SHA512
97f15e2e76baa68c6d5a9abdbaf6b5bd630425355a891027cf0378a4602705835111f92fbdd2223b5564d708604f0d42c4e556b0cbaf9e994133033c51990586

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
863028c9c88c5665c778977f52883330

SHA1
3ffda83a4388d4f43881a62924e6fd5f5f06a116

SHA256
aaed02a6e91be317a8272c7710046fe78c4c367172e1df67c8925c32d969e1a4

SHA512
6566bab2c5a00e07ba53257bd5c66b655c0dfa89d73ff1c4befa3ab5aec45ec49f6366e5d43c493742181e85db19a8b95e8799ac478405dba452bdfce3a071e7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
881d8629c530e91d54e9a35d482a54f9

SHA1
a2b06e3cc91f4c7b354b8644af0482ae3bed61c6

SHA256
88fc0ac0c4471fe57baa78fe0e2838e3e2ad33eb2e77785b37bb2d6568e152f5

SHA512
10b50b865bad437991a6fb98a8f961172985fb308c2e540320ccce3e8d8512228e73a10f876429e3b4336ba20eeaaf716de2ce2eb17e843ede2241de7597ca8d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
5ead46052aaec5dbff912ebc132551e4

SHA1
32f27e1e5b877ec2dd3642e7377fc00a7ba358a4

SHA256
4fdb5706f0b2d5c2e18f6e78fb12848844883c0f80104bdb00b4554b8268c769

SHA512
eea1e50263b5a56f332dbff6a9f4ded126c6590787d84f2d3df0d7592be3951dd8e0f70ace07f5b12703af2865b4703541a36ecec4f6eb8d9c658a1f99213c1d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
6414d00692df0c3147a872a1ae1f4d69

SHA1
8a02c596fbad6cc42ffec270aabe0f3c8b176a8f

SHA256
b170be902bfab0407e20f933ad83a94bf0c597b0e740667c3e4b7b963b4cc403

SHA512
66a963b709bf228ddae122a4ed5884bd8f8cc5544a6931ece9fbc8770b0fa4c63ac0d9024bcd79a3c10978b0ac3568108b447539778b55ce605d10bc285114e2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
a4076d290336e408449bee20e3f74f6c

SHA1
fb458509ae1f81c1a856d73d45947061c27f20b3

SHA256
7ebbe456dfdf5030e0e2c8ae1c0b782f6e6574a2077b33f6606aac633cae8477

SHA512
d1f571b5a4a3d97cf66581f5d4ba5b56cb88976452b976c6a0a9021b85952e0c2abceb7f91a8aeaf7e2502ec4bfe06cfb168275a986651f1942fdd3ba49932ea

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
09d269f9908b43bdcd301aca70b5505d

SHA1
c8eb8b0e944b6c99b6b0e2b6474311117a966fb0

SHA256
45f5dd2fed04c0f066ce30c326368b2c837154bc698b2d0adfaf6ace4c61a2ee

SHA512
b3ad91326f0d45693f15f184257dccccf8763402cc905b8d600f8c314c9cb0286f5b4176c239badec0c2c4be542e480fadc253f92084e363bc5383965fec2a46

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
12KB

MD5
035c091cd4d1f1bd8052df68e90c6cf7

SHA1
46537e6f5e44b2d1ef0f38ca81cc3683ecdd9942

SHA256
1e401a9273166e58fc7782bc6fd5a0af3f135f0195d52c8378e0b6ee024fa0db

SHA512
ec9cabf4fb5aeaeffd04c0c51a36a974058f6bc9f39cec813ec3081b7d6e4aaaf2a1f2d5cb4d0828cfb87f895bbffdb5741c6f225734b5e0eea1ce82c0dd84d4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences

Filesize
15KB

MD5
40c8aa935c1203c5caf3736ad612afec

SHA1
5690c5f0aeae56db82eefcd4439b8ebd0db239ec

SHA256
aaf2733bea1d8ba9a6d90de238b995af4871d8bdb3ef0842d8bbd26b034f3f7f

SHA512
1a049ac8cd40efba80d28578625da7dfa61f811ffb98937abf54c93ab2b27f64f4e14129f97c12b518a18c770be1ec2f8146ef67f4de4c63e1228b61bb4530dc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\Database\LOG

Filesize
336B

MD5
19fe9909b7340ac9fa36793c7d34c746

SHA1
7e440f566993b6cb191a3ae4b79bf5659f8a1ba1

SHA256
455649f26f7c1c3676f18b8d223dc44a4d7f9ae962eebe5d78fc3756ac03e3a4

SHA512
208a0aab245c8ec9e3be75fa523e0a3fecc09aa47280a5da2b055213aaa34ed57b778da7a62e9581f2254c2aa90fd0716be3072f78d8b8dc425db6fabbc1304f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG

Filesize
324B

MD5
5e8d6032ef1fcf177b3d9e3f0189ded7

SHA1
a17a8d9f5ec378bc03b9fb3836a86fe795279e4d

SHA256
941f009e6baf5fbfb428f297da11690da0feb7a7030f3afa63fbcf8b86cc020f

SHA512
38bc21ebdea2461308373e50d3537d24c6c68cf8e7407c03a6ceaddadfeb59a42a740736f2d5687d2172bf5d5124af7c018164fe446053fd933b71e685e86f0e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Visited Links

Filesize
128KB

MD5
a027ac31db2bf7bc46489d8b4c88ec6d

SHA1
c1301c86a17a756322d7993755cdaf2c558da611

SHA256
4e0863dd88031eb85c9409e02de1abecced6d8f8833eca0b14e431d31df9fb5a

SHA512
abf6c1b3de07c93982d76784d407e2949a1763cc249118e4b09cec0cf6e9cc5b5842e8c4664093335b6989d1227c1c6d9aea18f044ee42bb784b55ede970be12

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Last Version

Filesize
14B

MD5
ef48733031b712ca7027624fff3ab208

SHA1
da4f3812e6afc4b90d2185f4709dfbb6b47714fa

SHA256
c9ce8dbbe51a4131073db3d6ceef1e11eaca6308ad88a86125f221102d2cee99

SHA512
ce3a5a429e3796977a8019f47806b8c0671b597ead642fcbfbe3144e2b8112d35a9f2250896b7f215d237d0d19c5966caf3fe674165a6d50e14cb2b88c892029

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
193KB

MD5
ea3c868a675156294aff6062944b6c3e

SHA1
0b5406e79c1c6e8d2fb9ada00d8d3ae8824ff346

SHA256
4bb52f3e74e6bf011e4769d96eb70215767f36e6ac124576937cc31ed76642ea

SHA512
e59b4a6b658077f0f92c08328295fde5136056dfad59f6a673edf44d9f59bfa0b57518d9dd994b82e787b25fe58f619a80d2703bea5b3cb55777e4455a4a05c3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
193KB

MD5
d78954c0501f87a6f245c2929ae3ab81

SHA1
a61afe2418d8294c17106b5e0254948857dfebf9

SHA256
0ba0792e78abdd27bd7e4cd75eeb9e6b12929857a09578a0d658a06a3b15c8bb

SHA512
55470c8562919387a9116a44c90c23af57cd2082678e7497e9bb9b26c364212898a404fd0abc5516972e4d56663d66776a3ff08e3d1929f4fc19895fea2c9f1e

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
193KB

MD5
d1d784401cb7d35edcc8c90f3beb9974

SHA1
7549a941ac87d5666a77b11b7f54c2e0e6aac8b7

SHA256
cdfe1df15d1cf904b31763946238978317c9d6723ddab1a27a6cba2ccd823778

SHA512
2d2f1a17bc3dcd294eaeb222d44e18d9c28e378272c7688f74155e4fdffcc9c085392af9be65a8f7c2c135b8b91062b73448027414f7f59efd907b27b62c18ae

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
97KB

MD5
bd3e1ad40a97602f02a4f6b9f8c73ca8

SHA1
da6e4a4b0fc87ba14b364acad6e63eb63bf7275a

SHA256
2bce83d4aebe1a08d13a132e867c4dc85537447cc81ca2620be4eb313ee40d96

SHA512
abc3554643f2a35e279a585e015ee94b82b1a94b51cd9293ac5e805224259217927c0eab2ea598be598ac7844fa9230266c19eace4df3bdc2fcb92010b39a928

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
193KB

MD5
336805efb43bdc6b7c590aab7fb6e5b9

SHA1
f679e2fe896f468097acdbdb1bd483d7f0064d9f

SHA256
d174eca811287389c8ef633f5db85fb8e680b4abd2f67be2045acfed94736bb9

SHA512
892666e78b59bb1959f01a29daa025d1fbd019bd3ec73accc6d44d126ac11d6eae127e1ef7a34dc9110c4c83ac1465415157673d7a115e5e9f99c79d657d0fc2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
97KB

MD5
203ee0951d8f4d624e1b6402515654f1

SHA1
f24edcec8861323158706027a45b17c22bb5d0ad

SHA256
0419ea6568e7298b5daeeed16f344a737a6fe4d51ee67f14fdd3001a2f8cda86

SHA512
7e701a9ec931f3ff2956e8bd607fe0764014821f1f48a6fa5f431b1135efbe82c0979b8e9a05f1ee770c4d551c1717e108d364c8b6c0c166d23388559b7ccc1c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
97KB

MD5
c36cef71704c1fc3f32b32dec76ea410

SHA1
f6fdd30eb826d2ac7948fe0c548d71c6c425e88f

SHA256
ef53724f75d3e0ec35cd532b02e534fdede2a2300f3d69819b291cb9d3515c65

SHA512
f0c20104d7ebb0e71add4e0baac61553aa0cb5537dea89ff38fefc6f36992d127efe977e53b542147c8f35fd3ddbf6810293739d7c21e0fcc475eca9a792e792

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\ShaderCache\data_1

Filesize
264KB

MD5
95c1b9597c5920ba71de52e7990f60f0

SHA1
238095d0d1730c3d48cf4125894bf47e6099024e

SHA256
6901a39a087b676fac093d85eae4740f9e204b0a2bebc48187c1fdd6a057d326

SHA512
3e733d6b1161212ae4ca1b44609a01ab3ac40dbce29e5a4cdbab54e8e08a4b4ed7eb89a4b95331b1ae4ca41d8f5b29b949b869c54f0c5385f4db654e74d20324

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db

Filesize
28KB

MD5
597ee4e62e31ac7c868bf32fa6b8d3e9

SHA1
ec140e9a895cae8b527933604f3aa08a7da7f6e2

SHA256
7b9512e27a098e7899954dee94794633c16a6adb6775df19ccf391ee7e776742

SHA512
9761e267851af6a2674d52d57216f77ceaf836fd0987957414c1442ba198d8ed15ef54757f486dbd27a4ab2a0aa55b91488ed340f5a7c10970d9a4b65cbf7449

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\segmentation_platform\ukm_db-journal

Filesize
24KB

MD5
a8ced9293ba5f34e580d7855110796c5

SHA1
fd32dc846ae698fb5c880a3f1c63034a0855caa1

SHA256
5b2bbeb63f967c97d7a379ea3b0959b47ae1a391c10799adfd80611a24a67c3d

SHA512
3722d328b43db28efb0e877b852d5ed94fc1521c52ff910a0226f136ae7e096820d90bd1df3001566056ce9bdeeb26d10d2cb48785beaaf5fe184dca66ef7ec4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
38f59a47b777f2fc52088e96ffb2baaf

SHA1
267224482588b41a96d813f6d9e9d924867062db

SHA256
13569c5681c71dc42ab57d34879f5a567d7b94afe0e8f6d7c6f6c1314fb0087b

SHA512
4657d13e1bb7cdd7e83f5f2562f5598cca12edf839626ae96da43e943b5550fab46a14b9018f1bec90de88cc714f637605531ccda99deb9e537908ddb826113b

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

Filesize
152B

MD5
ab8ce148cb7d44f709fb1c460d03e1b0

SHA1
44d15744015155f3e74580c93317e12d2cc0f859

SHA256
014006a90e43ea9a1903b08b843a5aab8ad3823d22e26e5b113fad5f9fa620ff

SHA512
f685423b1eaee18a2a06030b4b2977335f62499c0041c142a92f6e6f846c2b9ce54324b6ae94efbbb303282dcda70e2b1597c748fddc251c0b3122a412c2d7c4

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

Filesize
6KB

MD5
c6c8603f446859b30b664ea4eb215f27

SHA1
a35834c4252e4589f08394f15b55e0501747229e

SHA256
7b02eeea57a8a1625dc8203b92397e39740496f4be9d4eac2d5819804afccd2e

SHA512
39cd25d2b7e2c3831b5182d39ceb6cc79db4298ec85fe3c1767f7e17735238c6c698e94caf24c9e739ebda88dd6049e67e321536bffd384ba8963612b8586460

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\a1a1ce57-b58b-45d9-b0f1-b7ea0cfb8ecb.tmp

Filesize
1B

MD5
5058f1af8388633f609cadb75a75dc9d

SHA1
3a52ce780950d4d969792a2559cd519d7ee8c727

SHA256
cdb4ee2aea69cc6a83331bbe96dc2caa9a299d21329efb0336fc02a82e1839a8

SHA512
0b61241d7c17bcbb1baee7094d14b7c451efecc7ffcbd92598a0f13d313cc9ebc2a07e61f007baf58fbf94ff9a8695bdd5cae7ce03bbf1e94e93613a00f25f21

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

Filesize
8KB

MD5
7a770960ac9f2c87603871fd4970de20

SHA1
45f9569d647420812a6f7d714e78a5d84474ff02

SHA256
541c241d8cbb1d20142224b9efbd9336caac85d5baf848c760f80fec97e69bc6

SHA512
56fb6094d27926935d292b1ac0bd8c86690c0b2bb5a3fc02dda608794f39cb42c89f72034b013c94de11a612197e33f39c2ea0ebae319ffc73836c938e61fde9

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Media Player\CurrentDatabase_400.wmdb

Filesize
64KB

MD5
987a07b978cfe12e4ce45e513ef86619

SHA1
22eec9a9b2e83ad33bedc59e3205f86590b7d40c

SHA256
f1a4a978ce1c4731df1594043135cf58d084fdf129dd1c8e4507c9e06eac5ea8

SHA512
39b86540e4d35c84609ef66537b5aa02058e3d4293f902127c7d4eac8ffc65920cb5c69a77552fc085687eed66e38367f83c177046d0ecb8e6d135463cc142aa

Download Submit
C:\Users\Admin\AppData\Local\Microsoft\Windows Media\12.0\WMSDKNS.XML

Filesize
9KB

MD5
7050d5ae8acfbe560fa11073fef8185d

SHA1
5bc38e77ff06785fe0aec5a345c4ccd15752560e

SHA256
cb87767c4a384c24e4a0f88455f59101b1ae7b4fb8de8a5adb4136c5f7ee545b

SHA512
a7a295ac8921bb3dde58d4bcde9372ed59def61d4b7699057274960fa8c1d1a1daff834a93f7a0698e9e5c16db43af05e9fd2d6d7c9232f7d26ffcff5fc5900b

Download Submit
C:\Users\Admin\AppData\Local\Packages\Microsoft.Windows.Search_cw5n1h2txyewy\LocalState\DeviceSearchCache\AppCache133679210819002823.txt

Filesize
75KB

MD5
98bbb51c2dc3f33f7e0062426bd3e260

SHA1
47de97817af652069c3f5dad7e505c2c2fe9303d

SHA256
2e3228246266f0e10d04c044ec80cc5ebf613d299c38bc549b38f39ed6e1059f

SHA512
62489eb5b1c16debc6ea7eb781117aa96373b3fcddf4b9a313d5c176081531676453642703ecce5d61191c6a45804e70fb8e4f71e4390e7e294cc39d99b3299d

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\additional_file0.tmp

Filesize
1.4MB

MD5
e9a2209b61f4be34f25069a6e54affea

SHA1
6368b0a81608c701b06b97aeff194ce88fd0e3c0

SHA256
e950f17f4181009eeafa9f5306e8a9dfd26d88ca63b1838f44ff0efc738e7d1f

SHA512
59e46277ca79a43ed8b0a25b24eff013e251a75f90587e013b9c12851e5dd7283b6172f7d48583982f6a32069457778ee440025c1c754bf7bb6ce8ae1d2c3fc5

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\assistant\assistant_installer.exe

Filesize
1.8MB

MD5
4c8fbed0044da34ad25f781c3d117a66

SHA1
8dd93340e3d09de993c3bc12db82680a8e69d653

SHA256
afe569ce9e4f71c23ba5f6e8fd32be62ac9538e397cde8f2ecbe46faa721242a

SHA512
a04e6fd052d2d63a0737c83702c66a9af834f9df8423666508c42b3e1d8384300239c9ddacdc31c1e85140eb1193bcfac209f218750b40342492ffce6e9da481

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\installer_prefs_include.json

Filesize
423B

MD5
9009a134535ee50a164add2ef8cab601

SHA1
4bf0ad3a028ea572757e85d26caa18b7720a5aaf

SHA256
dde2993bb46cf3ca605813c1c18c42ed018c48b54b97489a0aa799585649815c

SHA512
c2ebb0706dc52fdba4dec0e14836ec2403f3c3223fbac24df295f8b7a495b3d76ff5ff3d270deeeb99ae614e89c81dada151b0472d09b3f84ac97033e854a0d9

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\installer_prefs_include.json

Filesize
1KB

MD5
2479cca6a338349ce80a75e22e7c6a3f

SHA1
e2581956de484d1f7ab6c2bf495a312b47f15d43

SHA256
0a6dab9e691ed664d3037c2b8999b6f00a5f407e771fd40d55551cf4a947480a

SHA512
e24a7d020ab402e3809fe19f2e0d44099bbea9259b3d3e633f14c522a5d5c29ec2ce07f55e620c44acb548152b4a3f2f4cfa01fad64580c91b394646b7050ae8

Download Submit
C:\Users\Admin\AppData\Local\Temp\.opera\Opera GX Installer Temp\opera_package_202408120714521\installer_prefs_include.json.backup

Filesize
408B

MD5
a5ef054a6e5ee9380de94fc6c05cbd09

SHA1
052c5ae2cdb37fd90bc29b088989d459c8356606

SHA256
72f11b4a0db0612dda8f117d0e978b36f3207134f35d0af6b808f993926278c7

SHA512
e1861b68c660b5f6d9c24ecfbc021c88170a8f4fe63479fc25972c75f49baa7ad7e8cbb49690714a7fba9f33fdc1214694dc6b863a550eb3be1fea7c6cc3e39e

Download Submit
C:\Users\Admin\AppData\Local\Temp\7zS02395608\setup.exe

Filesize
6.4MB

MD5
607fb47ad9d20bb16f90e4a38c93bbfe

SHA1
578ea8b4bd0bbd32114bfd61910118c3d9cfc355

SHA256
8a82ae5c857123cc6972b93828f3a6202c0db4d325ea6d5b1e36dcfb290c1e09

SHA512
23470d0aa5989132efa1fcd4b1d183374384e3b75249910c08e22d2fedf315f084028b7299d6f6c0a5230b2ec78179485d0f187d0a87f710d25f1eac81939e47

Download Submit
C:\Users\Admin\AppData\Local\Temp\Opera_installer_2408120714504052328.dll

Filesize
5.9MB

MD5
1e6485e90130bb0cffd2ae2ca7fef2a2

SHA1
b9c01fddb3921b6f56d8d774eb0364f7024428e8

SHA256
907cb59383443ce62fdcd2eb90e4bf32cf3a0de6078e708f694dfc7bd7166b5b

SHA512
e28ec73e1465591827f092b71ab740a8de0b7ffcf5af0b3e4c1c8be37f16f1a87ae4fdfe23c25a305741a5aaf30fd2aab77f55061eb729f0dc5e64aef3dd6527

Download Submit
C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

Filesize
40B

MD5
8aed0347bda98556b445defefaa0d9b5

SHA1
d2ef629515951522e40aa9b539861234c5fc3345

SHA256
4b9e2205be11b3092863bc48b330a95f8188c69dfd5f13334241cc9ec681e3be

SHA512
cbf3df453d323966127e24cae84cb14d757867295e523299bd35e4e04e84a08639d4165717f80af399b6208da44cc4043f375fe4a92b42497808776f8fbc235d

Download Submit
C:\Users\Admin\AppData\Roaming\Opera Software\Opera GX Stable\Crash Reports\settings.dat

Filesize
40B

MD5
f11342b7eace79853df3d461b5785ebc

SHA1
401be902bae9c54e78dcc091dec29bcc116de1c7

SHA256
e92f2d86c747e50232cb1e197de49cb6443bfc76af072ce23aed4f9e73b2f0ac

SHA512
34c6f28539c887b8d44b310af23d8af1622b311b1f2ffbc7fdabcc6c968faebfac1f74c42906d281568c8337559582da887b6ba3cdea2b2ead63bb01a7cb215f

Download Submit
C:\Users\Admin\Downloads\Avoid.exe

Filesize
248KB

MD5
20d2c71d6d9daf4499ffc4a5d164f1c3

SHA1
38e5dcd93f25386d05a34a5b26d3fba1bf02f7c8

SHA256
3ac8cc58dcbceaec3dab046aea050357e0e2248d30b0804c738c9a5b037c220d

SHA512
8ffd56fb3538eb60da2dde9e3d6eee0dac8419c61532e9127f47c4351b6e53e01143af92b2e26b521e23cdbbf15d7a358d3757431e572e37a1eede57c7d39704

Download Submit
C:\Users\Admin\Downloads\DesktopBoom.exe

Filesize
1.1MB

MD5
f0a661d33aac3a3ce0c38c89bec52f89

SHA1
709d6465793675208f22f779f9e070ed31d81e61

SHA256
c20e78ce9028299d566684d35b1230d055e5ea0e9b94d0aff58f650e0468778a

SHA512
57cdb3c38f2e90d03e6dc1f9d8d1131d40d3919f390bb1783343c82465461319e70483dc3cd3efdbd9a62dfc88d74fc706f05d760ffd8506b16fd7686e414443

Download Submit
C:\Users\Admin\Downloads\OperaGXSetup.exe

Filesize
3.1MB

MD5
909eb5a32dc91f57f6a4a3c4f23d5fee

SHA1
0fd0d292e0fcacb6fa89da9041822a3556bc9c49

SHA256
83dec5474b77900d1f65c72429616c7515a189fa5d7da9c384bb53c064b8e40b

SHA512
1ab8dccc4e12dd1608cae1f3cc1d78f34ae31765d544be5a65f7086297837f81b24e202eefb1982d3ed054febe08f14b2a51921284d3de54fb6f97c66b17d61e

Download Submit
C:\Users\Admin\Downloads\Unconfirmed 570886.crdownload

Filesize
4.4MB

MD5
6a4853cd0584dc90067e15afb43c4962

SHA1
ae59bbb123e98dc8379d08887f83d7e52b1b47fc

SHA256
ccb9502bf8ba5becf8b758ca04a5625c30b79e2d10d2677cc43ae4253e1288ec

SHA512
feb223e0de9bd64e32dc4f3227e175b58196b5e614bca8c2df0bbca2442a564e39d66bcd465154149dc7ebbd3e1ca644ed09d9a9174b52236c76e7388cb9d996

Download Submit
C:\Users\Admin\Downloads\chilledwindows.mp4

Filesize
3.6MB

MD5
698ddcaec1edcf1245807627884edf9c

SHA1
c7fcbeaa2aadffaf807c096c51fb14c47003ac20

SHA256
cde975f975d21edb2e5faa505205ab8a2c5a565ba1ff8585d1f0e372b2a1d78b

SHA512
a2c326f0c653edcd613a3cefc8d82006e843e69afc787c870aa1b9686a20d79e5ab4e9e60b04d1970f07d88318588c1305117810e73ac620afd1fb6511394155

Download Submit
memory/1020-1530-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1528-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1529-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1532-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1537-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1536-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1535-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1534-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/1020-1533-0x000001EE1FB40000-0x000001EE1FB41000-memory.dmp

Filesize
4KB

Download
memory/2112-1620-0x000002444FA10000-0x000002444FA30000-memory.dmp

Filesize
128KB

Download
memory/2112-1632-0x000002444F9D0000-0x000002444F9F0000-memory.dmp

Filesize
128KB

Download
memory/2112-1651-0x000002444FDE0000-0x000002444FE00000-memory.dmp

Filesize
128KB

Download
memory/2336-2012-0x0000000000400000-0x00000000004A6000-memory.dmp

Filesize
664KB

Download
memory/3564-2063-0x0000000000E80000-0x00000000012E4000-memory.dmp

Filesize
4.4MB

Download
memory/3564-2075-0x000000001D110000-0x000000001D118000-memory.dmp

Filesize
32KB

Download
memory/3564-2076-0x00000000219C0000-0x00000000219F8000-memory.dmp

Filesize
224KB

Download
memory/3564-2077-0x0000000021950000-0x000000002195E000-memory.dmp

Filesize
56KB

Download
memory/4212-517-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-506-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-512-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-507-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-508-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-518-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-513-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-516-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-515-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download
memory/4212-514-0x000001C95ED50000-0x000001C95ED51000-memory.dmp

Filesize
4KB

Download