Malware Analysis Report

2024-11-16 12:53

Sample ID 240813-n7t8lssclc
Target https://github.com/MalwareStudio
Tags
discovery evasion exploit persistence
score
10/10

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com/MalwareStudio was found to be: Known bad.

Malicious Activity Summary

discovery evasion exploit persistence

Modifies WinLogon for persistence

Disables Task Manager via registry modification

Possible privilege escalation attempt

Executes dropped EXE

Modifies file permissions

Legitimate hosting services abused for malware hosting/C2

Drops file in System32 directory

Drops file in Windows directory

Drops file in Program Files directory

Enumerates physical storage devices

Browser Information Discovery

Suspicious behavior: EnumeratesProcesses

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of SendNotifyMessage

Suspicious use of WriteProcessMemory

Suspicious use of AdjustPrivilegeToken

Modifies registry class

Modifies data under HKEY_USERS

NTFS ADS

Enumerates system info in registry

Suspicious use of FindShellTrayWindow

Suspicious use of SetWindowsHookEx

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-13 12:02

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-13 12:02

Reported

2024-08-13 12:20

Platform

win11-20240802-en

Max time kernel

1050s

Max time network

965s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/MalwareStudio

Signatures

Modifies WinLogon for persistence

persistence
Description Indicator Process Target
Set value (str) \REGISTRY\MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell = "empty" C:\Windows\System32\WormLocker2.0.exe N/A

Disables Task Manager via registry modification

evasion

Possible privilege escalation attempt

exploit
Description Indicator Process Target
N/A N/A C:\Windows\system32\icacls.exe N/A
N/A N/A C:\Windows\system32\takeown.exe N/A

Executes dropped EXE

Description Indicator Process Target
N/A N/A C:\Windows\System32\WormLocker2.0.exe N/A

Modifies file permissions

discovery
Description Indicator Process Target
N/A N/A C:\Windows\system32\takeown.exe N/A
N/A N/A C:\Windows\system32\icacls.exe N/A

Legitimate hosting services abused for malware hosting/C2

Description Indicator Process Target
N/A raw.githubusercontent.com N/A N/A

Drops file in System32 directory

Description Indicator Process Target
File opened for modification C:\Windows\System32\ransom_voice.vbs C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe N/A
File opened for modification C:\Windows\System32\WormLocker2.0.exe C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe N/A
File created C:\Windows\System32\LogonUItrue.exe C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe N/A
File opened for modification C:\Windows\System32\LogonUItrue.exe C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe N/A
File created C:\Windows\System32\LogonUI.exe C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe N/A
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_01cf530faf2f1752\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Windows\System32\LogonUIinf.exe C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe N/A

Drops file in Program Files directory

Description Indicator Process Target
File created C:\Program Files\System32\Ransomware2.0.exe C:\Users\Admin\Downloads\Ransomware2.0\DCQPKX.exe N/A
File opened for modification C:\Program Files\System32\README.txt C:\Users\Admin\Downloads\Ransomware2.0\DCQPKX.exe N/A
File created C:\Program Files\System32\README.txt C:\Users\Admin\Downloads\Ransomware2.0\DCQPKX.exe N/A

Drops file in Windows directory

Description Indicator Process Target
File opened for modification C:\Windows\SystemTemp C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133680241784049268" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings C:\Windows\system32\OpenWith.exe N/A
Key created \REGISTRY\USER\S-1-5-21-2227988167-2813779459-4240799794-1000_Classes\Local Settings C:\Windows\System32\WormLocker2.0.exe N/A

NTFS ADS

Description Indicator Process Target
File opened for modification C:\Users\Admin\Downloads\Ransomware2.0.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\Virus_Destructive_open_source.zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File opened for modification C:\Users\Admin\Downloads\Worm Locker2.0(ransomware).zip:Zone.Identifier C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SetWindowsHookEx

Description Indicator Process Target
N/A N/A C:\Windows\system32\OpenWith.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 4532 wrote to memory of 1096 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 1724 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 1036 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 4532 wrote to memory of 1148 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/MalwareStudio

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xfc,0x100,0x104,0xd8,0x108,0x7fff8f52cc40,0x7fff8f52cc4c,0x7fff8f52cc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1888,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1884 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=1812,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=1952 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2184,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=2200 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3068,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3104 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3076,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=3252 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4532,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4544 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4844,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5000 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\Ransomware2.0\DCQPKX.exe

"C:\Users\Admin\Downloads\Ransomware2.0\DCQPKX.exe"

C:\Users\Admin\Downloads\Ransomware2.0\DCQPKX.exe

"C:\Users\Admin\Downloads\Ransomware2.0\DCQPKX.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=736,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=4948 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.22000.1 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=5300,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5060 /prefetch:8

C:\Windows\system32\OpenWith.exe

C:\Windows\system32\OpenWith.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5452,i,15147806352046031431,12379906896813044970,262144 --variations-seed-version=20240801-180145.014000 --mojo-platform-channel-handle=5356 /prefetch:8

C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe

"C:\Users\Admin\AppData\Local\Temp\Temp1_Worm Locker2.0(ransomware).zip\Automatic_converter_rff_to_mp4.exe"

C:\Windows\System32\cmd.exe

"C:\Windows\System32\cmd.exe" /k takeown /f C:\Windows\System32 && icacls C:\Windows\System32 /grant "%username%:F"

C:\Windows\system32\takeown.exe

takeown /f C:\Windows\System32

C:\Windows\system32\icacls.exe

icacls C:\Windows\System32 /grant "Admin:F"

C:\Windows\System32\WormLocker2.0.exe

"C:\Windows\System32\WormLocker2.0.exe"

C:\Windows\System32\WScript.exe

"C:\Windows\System32\WScript.exe" "C:\Windows\System32\ransom_voice.vbs"

C:\Windows\system32\AUDIODG.EXE

C:\Windows\system32\AUDIODG.EXE 0x00000000000004CC 0x00000000000004C8

Network

Files

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\Downloads\Ransomware2.0.zip

C:\Users\Admin\Downloads\Ransomware2.0.zip:Zone.Identifier

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Microsoft\CLR_v4.0\UsageLogs\DCQPKX.exe.log

C:\Users\Admin\Desktop\RANSOMWARE2.0.txt

C:\Program Files\System32\README.txt

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\Downloads\Virus_Destructive_open_source.zip

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.lock

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.idx

C:\Users\Admin\AppData\Local\D3DSCache\cb00da9ba77862e\F4EB2D6C-ED2B-4BDD-AD9D-F913287E6768.val

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000007

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00000c

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000014

C:\Users\Admin\Downloads\Worm Locker2.0(ransomware).zip

C:\Windows\System32\WormLocker2.0.exe

C:\Windows\System32\ransom_voice.vbs

C:\Users\Admin\AppData\Roaming\Microsoft\Speech\Files\UserLexicons\SP_83EBAB096A52466FB0EC42177789BD22.dat

MD5 c0b0db1ee509dab31de3ce55d6a3e79f
SHA1 3a7ebec07188b2d604cea986336a77d23cce846c
SHA256 c84b8d9f6a4f4d10f7dd2ef0e63fb843897281d635e04d5720fce0f71895351c
SHA512 b69be2825a2c262287d7c683d4a7b1530e19274b96bd236d8cfc0bfc8eb41f4cc6080ec8226c078782513dab05dbf62d374d095eaffaae3de16d857d9cf32efe

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 750dd94e3450ba55811bb5ab040c67a3
SHA1 43b650c9b8903847bffc423217554dc9b79d0361
SHA256 5d9a9e2865487fa8a3e54d45f61da0161b650265d0883c84facb93c24d2992d3
SHA512 9aa3110004e8d30fb362723a3acaf30d034a7275eb5b029a76c0457dff7a03fb7c4c5dc6ea8a9bb5086b92a16e18fa90b5541808595eb12ef27659d4bdc76fdc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 92b71b04600d87ca18378b4d46862a8b
SHA1 d7c997e06b5764ee1977545bece4fd682d352797
SHA256 8d0362d3b0aaee6e874318662798dc0182798df03d12cb1edf9fd46bbc248d6e
SHA512 14d153eff434b39629ef145e2381897f765a24a7364d4fe162867bfa48095a2839febd44a257f38a4263abd4a817cb0d47515e19f972ebacffc65155e0d73471

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 eea0ffb1b08fa2b7abc55699f1e8f26f
SHA1 9e2f175daef1e72a9e6479586be9f28a11e7bba2
SHA256 40985a147f816e3d6ec5ee3653b7f59bb77713ef9fc6d392ef66cec6e7267030
SHA512 9fe8d77378d20a09843d04f0a2b5cb4ce1e9d172f94775c9a7da9048f20b634ddb69045ec34e5f0fb5ea732eff061151b0695a81c6b90dab330d455fd2be5265

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1b5de6c31aa78e132b9527c5b325e728
SHA1 ea5bac67e17736affd67c4da6cae114e04066421
SHA256 604fb07f927a64d95b43d6920e951d7c1784c593e0e84bb5028537efcddb14f0
SHA512 591b151860f45ace3288c700e4664cf0ad658a09f685cd855eaaca07d7cc5127c005506fee2fee7e3576c61a10f46fcdfefdc4f7f9ef3260e09cabaaa2d534cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 fbd2cf9b31d41e3f3de10846a0e1f9d8
SHA1 2f76bd89d801f1700ae1462813eb2b35008a194c
SHA256 5f1b1e3c4d0ac79a898d64f2e142b03e15a1d537bc9c55b6c0a6a05df22d1d94
SHA512 3d5f1750a0942882a3cb32d3d0cb839dec7026fbba8bb49548fcf9793362f6a02f28e8a7918909f13086278009a6c3a192c52254efa40826145149def3db639d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 55888d8b2f59013895763dfdac84729a
SHA1 b7b278de414d38094de2dffb2c37f1ad2de9df39
SHA256 a87bf1263c671894cefc4a6c00e563b73c9e66cc9a169bf0c33811eaee3aefad
SHA512 59988ef6e4a3e7646267b17ce5232e973455c9743f35bc3722af829fab6030cc4ae61f6090a11531c1b3e7f5d4e80a6f3963d35bf918d86a9630c9668153d022

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 966944a29ed9e8d90db4c9359896e08b
SHA1 0de8a6495bc44774ded582af1bb1fb338e17ec31
SHA256 f42596afd2d25a21b7beb04dd587b5cf5ffb26cebf6452e373ec6d8296cc88a3
SHA512 2224f931db33aebf37f5651f02472b3dd1f20231a3bda92cf6bfc4fd2d432ef4957ba04f6cfc0df686d8362875cfd42af1d01e3a645cbe8d9d768d9390243442

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 308e7f987ecb90defb08a5690ab131dd
SHA1 a8d6f0c19a0f180bdd4ece14ff119f5528179b79
SHA256 8138cb2c04821359d959d4b68de86ac39ae0ca708c4ff94eb2f59a9805a8fe83
SHA512 933752df45047b10256d4cc7334113563e624d89f6387963698ce18c419b57f94778bc11603ba95579ffe3961f73066e74971abaaa9af32089505dd621b241be

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7ad43394505a7785041f35b21ee623ce
SHA1 b9f05553d51225f766bb305a6ca1440208b4c43f
SHA256 46337b0ebbb39a15982b27bbe4a82aa59820a5df90ef17b24bd7a7d5f23440c2
SHA512 5700c9e8a2370b36040d3d4e5410d90855310dfb117f0a591ba2e862243e3b76bb28ecad95106763c258f259f5618eee7502869ba376d1444131917d32594314

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 796fe627a1a3705f67cbc5f2aea8b908
SHA1 05a02150fbeb8b4298e286ec2624d94696b4e2ea
SHA256 b78e2c1f6d322336a66ce94d013542f9e0649f6d1da85fa67e1ac9eacc820248
SHA512 b293f776bab18eb9383208e9a7e3846fde76d52b9c916aa892fba271c611e84dd9f411aa59737beaa33edc62ef817305613df37f37397ef7c9d35665fc5c8a37

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 5ad5d6ce17f458d4fd4e924b67f24925
SHA1 f3386b44c8b53e44089f06d0d0a00f0eff3dff4c
SHA256 18d5165c1185a3564314e6e9551c22a7aa3ca2f566f34d81f8184d94a6d227f6
SHA512 6b9e63c7999d576a8c0c810710eb54ce4710237e2871a319285ef0f3b37f030f09625e7c5569bfbe0c55e02c997e462de285d083e4431012d052e9462052a2d8

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ea48f4e0ff258e671f24b3a577c8d4c7
SHA1 5ae462177ac55743f78caaa5673ca9171d6b7e73
SHA256 eb20dfad977351844162595ecdd1e18c6fb4d87ff1a21085139aaf4b52e67c71
SHA512 0653793ba737cc6e347fd98c9132587f17a47617cad7e1d69eb2890312600134216d9b11b93f8eb2ce07780f0570a7ac1096705198863d9179c2ef826dbc9018

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e0ffa515d2f3cd0f1b522221d5412bdf
SHA1 661cbe1773b2fdc762fc7bbc27f392f463b9d9c0
SHA256 f815debbf1fa3059b99df828e7081ef30545fae27fdfb9c2298caeca5c9e1198
SHA512 9cbf995d91c6b4f871b25b52c0f405d085884442bad8ab24c808c1c856850b73c11b5e30506408a5632aca5fee61f3f0999057072abc4aceeec390af6c7edc60

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ef8b1f8fd49ee7f2d28cea2c6860b88b
SHA1 363a6d5da3e3ec79d78b371ddbde0278657b6bfe
SHA256 16a9e1ba9ba1dd9e0e587431919aacd10e2ed6323d42cc01dcb720ab32ea5934
SHA512 e36c008bb10f5cf1bf66d572e4a9690d6971f419ad52175f8a48cb2b23a49f12819dc15266ef456ee3dea2b633744c19b7f0ebe141e2b9b02ea7ee4adfe50ae6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 6e2acd31e44dd31371fc02fe210be06b
SHA1 c4403ad4c18106b888eaa167b4ad44f2da19d6d1
SHA256 bd78b4b57f1465dc9f2736160cf151d68901592dc2a0795e51865a511840ae52
SHA512 dfcbad23099a5b4cf7644e125397885323849497ac7e2aa9daf74848fc6f9ead7b6bc5f91df769a63e914f61135f8d45c9270de789bcdcef527399c379c064da

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 73b1d41404df4a370c22ee9eea078dbd
SHA1 ce0986ff2fdfd442a1a3723e1eedb689f3f0c703
SHA256 5dacf44a431c59506faed395aa13f6eb32ad39112e15b9ea9c65a9f02e7bdbdf
SHA512 8f31a9cd4c5e74b4ce24412e35b19ed27f0a5ba839738cac319001ae96d50a02721a9e8f70c67d706b148dc70da21c4727258d44bed2e432ae68440ecff25040

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 d2e68836f6d53fab193247911809bd9d
SHA1 8a7c1dfa4337297c6f15edc436e1674e604a10fb
SHA256 e6e2010e173b790631dbd24ca15199b9875bbe94a882f456cf1d05365a725c39
SHA512 89641c25f01048fcd2a548db7d580c875e1768604cf2156a9b7cc29e6d41a48decac8f89d0b52abfe1bd83b9493c39dc3fa7a48296fd690be230f0519e292ed6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 1cedf2f0930c84daf7205312308f705b
SHA1 32b202a4e6743b4d59bfe167d0ba5ed1da8d2923
SHA256 b75c620ce50f4ae1ec562e13c5e4af53a55d0b0843c355af8ab518560f0a29e9
SHA512 fad3aa2b73c22f9e6f641554cf53940c4d0fc1be6dcccb7e9ba15dc54505e1cf0082b479d9a37f2d1b079962449049849aaf3fe884e63ca883fa2d979bae0507

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 718c9d7114894c446951cd04d18f8ce9
SHA1 324db8d3961d12aa9283fda59c317255afd657ab
SHA256 6f28bc3fc38ebb3f6bd237b2c4318fcaf7954290cb41531bc336597083d47f40
SHA512 f1e83648e79c17c0a3e42a3d7f08d9f89d49ee9fbcfc4f079d516710763c49b74cd467da1f08fd90a6fb4c781b1d8ddac52fd29bbf6c9d6f18f668bbd6457d9f

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7a4fa9019bd22ffe8b8917d4ab62bcd3
SHA1 13860f05b9b75932e116a0353268f4c59da5d2f8
SHA256 99441c3f5c39b10aa58a0ce084bd6f3885c95e5d171a2732a936085cff877969
SHA512 8d34dbe629b7f09bc160dbeb3f8bd58e099f0b881549582a6e38a2054a5fc0d7506c1a66de8401bd987e2acf165dabff541906387fc18b39c109985dacdf236d

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 ff9ea60e147965b97d85878b24aeb108
SHA1 de03166ab7e6743921d1dd2e8e544c951792c6c8
SHA256 f165a73f360e4dff5ffdb02808703a7a0f129d32c6365b90c9f0318013c5ec19
SHA512 24c23f27f9c465e0a9f464098febc5c92b1a0aff2f2ac9109c4fb800b50b58c1eda5daac94919621f696e948c447d3eea2d23f93ac774efa79aaa739036f4302

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 7098ea27db9efdf23a10ce7938a2b148
SHA1 48a11f54e1730c8230e5adae52bdac1ef3a72d38
SHA256 1092c0ddafe35ae60a361d46a492053efe04a11a1cfdfd2cbf94bbb8de8c4179
SHA512 afe538d733359780404b3c1923c3e8e24cda80798dc5b73cb7635fbd21abfc82808608ef90d23c40f3cf464383fa7023efc11ece7e2ec0865763633568cf34cb

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e245accc55ed900a70fea0494430203a
SHA1 4665cd33b2e179492d0a3b0658d0d3c4b2e2a5ef
SHA256 2ee3a0226f21b8aa6599a1009ecf7c5f00ca78c4faceb94024a090105d02ff95
SHA512 b4222e6275dbe18bd50a0db63feb020ca72c6a0ff07ab554e74dc14298397177374d16728da52f5990d282deaef716dc473939776beb0994127eb8f8989047a5

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 9152640c55aca6fe5eadae7e529c0137
SHA1 194919bc4c9aab492d285e1f77add1e5c5726a0c
SHA256 859bae585b6d8f7b2be5f48062f5ff6fe6b4c9d5d725359cac2d813b9fa93e61
SHA512 4fff4724b829b11c83d48731cada5ac51994027742602a6695afa67f2f2ac3a5eb0363eea28248b377ff7d33e819cb4137d9ef0fc05f18798de7b9c4bb78eb18

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 e43fe67a3a39e0ef433858211f3f091a
SHA1 1245e693ce1f278b360bfa3d3b066ce129eda44e
SHA256 add496f52a86bc662106cfab8cedbe67d9696aa31545245bd11ecaa4736c03b1
SHA512 68576797277b2d5cbd46f1b1d751ffc11864b7342dbe386add43e8617a572d95471e9fe4fcdf0cc09a69d5267bf359d845a411dbd0b6d8a414de4b4c330ba81b

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 196690af54786914c0b28efd83a968e9
SHA1 e1b179040a5c90eef9743ec9ba9ea03e76250ed3
SHA256 a8fecf04841f62231e196097878da27d8e9fe5a3930f202df5ed825001d23cdc
SHA512 1bc56586b098cd8aa735afb9b7fdca871f684eeefaa73e2527ccb454eea345b029af37baffe50a7ad6313d25234b60e3fce2712e5c4e6160fc329cbc97247cf6

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 b685ba30cda4e147be7dbc6e1f106fae
SHA1 a79c21f736c5a22bda94c23ad06f805e9e0ea758
SHA256 a2c8030fb1306ed2408591abee9b7365e0eaa5dee4eb4264e2d501f0a92b752f
SHA512 efcdd8185d23ff68d1e0b882b3167d851b5218eb2e28f64a8577ac691e65d7587a0d551cea64c34d31a19b98e4b4c909ab955ab5a54273810e10b5f02e477373

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

MD5 3ba84b50ed550996a6cb49f49f71313c
SHA1 631e325de5cc3927acb57c97b03d7508bec570d7
SHA256 e626d3b980d4387de0854bb72bd5d1bc0874d6d32bff4ce889879fb655e6492f
SHA512 9c76a45ef3871527423eccc39f127294fad1e04c784382d04b329aeb0ebb42ef896bb99bbc2e13742013068ee9548988b2847f10059bf69a333e35156a0a2dfc

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\0d2b6d64-d9ce-45c1-a709-17bf2e190426.tmp
