Malware Analysis Report

2024-10-19 07:51

Sample ID 240813-pa86yasejg
Target https://github.com/Shehay/aimware-crack/releases
Tags
xenorat discovery rat trojan
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Enterprise Matrix V15

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

Threat Level: Known bad

The file https://github.com/Shehay/aimware-crack/releases was found to be: Known bad.

Malicious Activity Summary

xenorat discovery rat trojan

XenorRat

Downloads MZ/PE file

Checks computer location settings

Executes dropped EXE

Suspicious use of NtSetInformationThreadHideFromDebugger

Drops file in System32 directory

Browser Information Discovery

System Location Discovery: System Language Discovery

Enumerates physical storage devices

Suspicious behavior: EnumeratesProcesses

Suspicious use of SendNotifyMessage

Scheduled Task/Job: Scheduled Task

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Suspicious use of AdjustPrivilegeToken

Suspicious use of FindShellTrayWindow

Suspicious use of WriteProcessMemory

Suspicious use of SetWindowsHookEx

Modifies data under HKEY_USERS

Enumerates system info in registry

Modifies Internet Explorer settings

Modifies registry class

MITRE ATT&CK

Analysis: static1

Detonation Overview

Reported

2024-08-13 12:08

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-08-13 12:08

Reported

2024-08-13 12:15

Platform

win10v2004-20240802-en

Max time kernel

366s

Max time network

368s

Command Line

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Shehay/aimware-crack/releases

Signatures

XenorRat

trojan rat xenorat

Downloads MZ/PE file

Checks computer location settings

Description Indicator Process Target
Key value queried \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation C:\Users\Admin\Downloads\aimware_external (1).exe N/A

Drops file in System32 directory

Description Indicator Process Target
File created C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A
File created \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of NtSetInformationThreadHideFromDebugger

Description Indicator Process Target
N/A N/A C:\Users\Admin\Downloads\aimware_external (1).exe N/A
N/A N/A C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe N/A

Browser Information Discovery

discovery

Enumerates physical storage devices

System Location Discovery: System Language Discovery

discovery
Description Indicator Process Target
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\Downloads\aimware_external (1).exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\schtasks.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Windows\SysWOW64\DllHost.exe N/A
Key opened \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe N/A

Enumerates system info in registry

Description Indicator Process Target
Key opened \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key value queried \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies Internet Explorer settings

adware spyware
Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Software\Microsoft\Internet Explorer\Toolbar C:\Windows\explorer.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" C:\Windows\explorer.exe N/A

Modifies data under HKEY_USERS

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Set value (int) \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133680245803478072" C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Modifies registry class

Description Indicator Process Target
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots C:\Windows\explorer.exe N/A
Set value (data) \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings C:\Windows\explorer.exe N/A
Key created \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell C:\Windows\explorer.exe N/A

Scheduled Task/Job: Scheduled Task

persistence execution
Description Indicator Process Target
N/A N/A C:\Windows\SysWOW64\schtasks.exe N/A

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of AdjustPrivilegeToken

Description Indicator Process Target
Token: SeShutdownPrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A
Token: SeCreatePagefilePrivilege N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of FindShellTrayWindow

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of SendNotifyMessage

Description Indicator Process Target
N/A N/A C:\Program Files\Google\Chrome\Application\chrome.exe N/A

Suspicious use of WriteProcessMemory

Description Indicator Process Target
PID 2180 wrote to memory of 3028 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2180 wrote to memory of 3016 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2180 wrote to memory of 2604 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe
PID 2180 wrote to memory of 640 N/A C:\Program Files\Google\Chrome\Application\chrome.exe C:\Program Files\Google\Chrome\Application\chrome.exe

Processes

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Shehay/aimware-crack/releases

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:4 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=123.0.6312.123 --initial-client-data=0xf8,0xfc,0x100,0xd4,0x104,0x7ff8fc5acc40,0x7ff8fc5acc4c,0x7ff8fc5acc58

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --no-appcompat-clear --gpu-preferences=WAAAAAAAAADgAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=1664,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=1792 /prefetch:2

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=2136,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2152 /prefetch:3

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=service --no-appcompat-clear --field-trial-handle=2240,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=2464 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --field-trial-handle=3132,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3164 /prefetch:1

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --no-appcompat-clear --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --field-trial-handle=3136,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=3196 /prefetch:1

C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe

"C:\Program Files\Google\Chrome\Application\123.0.6312.123\elevation_service.exe"

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=4656,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=4668 /prefetch:8

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=4992,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5128 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5116,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5276 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault6e439147h13f7h4a4ah85f1hdfa1038fe7f2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x124,0x128,0x12c,0x100,0x130,0x7ff8e9a346f8,0x7ff8e9a34708,0x7ff8e9a34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2024,5467563330015166913,16409877824712678447,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2028 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2024,5467563330015166913,16409877824712678447,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2520 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2024,5467563330015166913,16409877824712678447,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2844 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --no-appcompat-clear --gpu-preferences=WAAAAAAAAADoAAAMAAAAAAAAAAAAAAAAAABgAAEAAAA4AAAAAAAAAAAAAACEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAGAAAAAAAAAAYAAAAAAAAAAgAAAAAAAAACAAAAAAAAAAIAAAAAAAAAA== --field-trial-handle=724,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5144 /prefetch:8

C:\Windows\SysWOW64\DllHost.exe

C:\Windows\SysWOW64\DllHost.exe /Processid:{06622D85-6856-4460-8DE1-A81921B41C4B}

C:\Windows\explorer.exe

C:\Windows\explorer.exe /factory,{5BD95610-9434-43C2-886C-57852CC8A120} -Embedding

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultac30ad9dh602dh432dh9b79h249c3cdd4e5a

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8e9a346f8,0x7ff8e9a34708,0x7ff8e9a34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2104,5213857146468942779,15512411490773732640,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2136 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2104,5213857146468942779,15512411490773732640,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2188 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2104,5213857146468942779,15512411490773732640,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=3004 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultda548301h9fa1h40f6hbed5h0fdf19f118d5

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8e9a346f8,0x7ff8e9a34708,0x7ff8e9a34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,5034081938322476287,6184860029829563602,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,5034081938322476287,6184860029829563602,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2236 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,5034081938322476287,6184860029829563602,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2944 /prefetch:8

C:\Windows\System32\CompPkgSrv.exe

C:\Windows\System32\CompPkgSrv.exe -Embedding

C:\Windows\system32\svchost.exe

C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s DisplayEnhancementService

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault3607f1e9h3d81h4500ha6e2h9282477d9d13

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xbc,0x128,0x7ff8e9a346f8,0x7ff8e9a34708,0x7ff8e9a34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2136,15435578311263214154,3381359501180926417,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2148 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2136,15435578311263214154,3381359501180926417,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2200 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2136,15435578311263214154,3381359501180926417,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2744 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefault807a8230hf85eh40a8h99d8h31fd7e6c8caf

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8e9a346f8,0x7ff8e9a34708,0x7ff8e9a34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2216,9876138772229786197,9406976204659058797,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2228 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2216,9876138772229786197,9406976204659058797,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2280 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2216,9876138772229786197,9406976204659058797,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2876 /prefetch:8

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --default-search-provider=? --out-pipe-name=MSEdgeDefaultb04aad53h011eh4ce2hb008hf0c582817261

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data" --annotation=IsOfficialBuild=1 --annotation=channel= --annotation=chromium-version=92.0.4515.131 "--annotation=exe=C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --annotation=plat=Win64 "--annotation=prod=Microsoft Edge" --annotation=ver=92.0.902.67 --initial-client-data=0x11c,0x120,0x124,0xf8,0x128,0x7ff8e9a346f8,0x7ff8e9a34708,0x7ff8e9a34718

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=gpu-process --field-trial-handle=2180,13762230811355294598,10297319885611261193,131072 --gpu-preferences=UAAAAAAAAADgAAAQAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAHgAAAAAAAAAeAAAAAAAAAAoAAAABAAAACAAAAAAAAAAKAAAAAAAAAAwAAAAAAAAADgAAAAAAAAAEAAAAAAAAAAAAAAADQAAABAAAAAAAAAAAQAAAA0AAAAQAAAAAAAAAAQAAAANAAAAEAAAAAAAAAAHAAAADQAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=2188 /prefetch:2

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --field-trial-handle=2180,13762230811355294598,10297319885611261193,131072 --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2244 /prefetch:3

C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

"C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --field-trial-handle=2180,13762230811355294598,10297319885611261193,131072 --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2812 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5220,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5192 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilReadIcon --lang=en-US --service-sandbox-type=icon_reader --no-appcompat-clear --field-trial-handle=5084,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5168 /prefetch:8

C:\Program Files\Google\Chrome\Application\chrome.exe

"C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --no-appcompat-clear --field-trial-handle=5356,i,11115976811134755492,14727686289741202548,262144 --variations-seed-version=20240802-050153.822000 --mojo-platform-channel-handle=5324 /prefetch:8

C:\Windows\System32\rundll32.exe

C:\Windows\System32\rundll32.exe C:\Windows\System32\shell32.dll,SHCreateLocalServerRunDll {9aa46009-3ce0-458a-a354-715610a075e6} -Embedding

C:\Users\Admin\Downloads\aimware_external (1).exe

"C:\Users\Admin\Downloads\aimware_external (1).exe"

C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe

"C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe"

C:\Windows\SysWOW64\schtasks.exe

"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmp1804.tmp" /F

C:\Users\Admin\Downloads\aimware_external (1).exe

"C:\Users\Admin\Downloads\aimware_external (1).exe"

C:\Windows\SysWOW64\schtasks.exe

"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmp5C41.tmp" /F

C:\Users\Admin\Downloads\aimware_external (1).exe

"C:\Users\Admin\Downloads\aimware_external (1).exe"

C:\Windows\SysWOW64\schtasks.exe

"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmp9A44.tmp" /F

C:\Users\Admin\Downloads\aimware_external (1).exe

"C:\Users\Admin\Downloads\aimware_external (1).exe"

C:\Windows\SysWOW64\schtasks.exe

"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmpEB61.tmp" /F

Network

Country Destination Domain Proto
US 8.8.8.8:53 8.8.8.8.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 github.githubassets.com udp
US 8.8.8.8:53 avatars.githubusercontent.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 user-images.githubusercontent.com udp
US 185.199.109.133:443 user-images.githubusercontent.com tcp
US 8.8.8.8:53 github-cloud.s3.amazonaws.com udp
US 8.8.8.8:53 149.220.183.52.in-addr.arpa udp
US 8.8.8.8:53 215.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 42.36.251.142.in-addr.arpa udp
US 8.8.8.8:53 240.143.123.92.in-addr.arpa udp
US 8.8.8.8:53 154.110.199.185.in-addr.arpa udp
US 8.8.8.8:53 133.109.199.185.in-addr.arpa udp
US 8.8.8.8:53 g.bing.com udp
US 13.107.21.237:443 g.bing.com tcp
US 8.8.8.8:53 23.159.190.20.in-addr.arpa udp
US 8.8.8.8:53 content-autofill.googleapis.com udp
US 8.8.8.8:53 collector.github.com udp
US 185.199.110.154:443 github.githubassets.com tcp
US 8.8.8.8:53 api.github.com udp
US 140.82.113.22:443 collector.github.com tcp
US 140.82.113.22:443 collector.github.com tcp
GB 20.26.156.210:443 api.github.com tcp
US 8.8.8.8:53 237.21.107.13.in-addr.arpa udp
US 8.8.8.8:53 55.36.223.20.in-addr.arpa udp
NL 142.250.179.170:443 content-autofill.googleapis.com tcp
US 8.8.8.8:53 22.113.82.140.in-addr.arpa udp
US 8.8.8.8:53 210.156.26.20.in-addr.arpa udp
US 8.8.8.8:53 170.179.250.142.in-addr.arpa udp
N/A 224.0.0.251:5353 udp
US 8.8.8.8:53 objects.githubusercontent.com udp
US 185.199.109.133:443 objects.githubusercontent.com tcp
US 8.8.8.8:53 58.55.71.13.in-addr.arpa udp
US 8.8.8.8:53 183.59.114.20.in-addr.arpa udp
US 8.8.8.8:53 198.187.3.20.in-addr.arpa udp
US 8.8.8.8:53 147.142.123.92.in-addr.arpa udp
US 8.8.8.8:53 58.99.105.20.in-addr.arpa udp
US 8.8.8.8:53 172.210.232.199.in-addr.arpa udp
US 8.8.8.8:53 29.243.111.52.in-addr.arpa udp
US 8.8.8.8:53 tse1.mm.bing.net udp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 150.171.28.10:443 tse1.mm.bing.net tcp
US 8.8.8.8:53 84.65.42.20.in-addr.arpa udp
US 8.8.8.8:53 cxcs.microsoft.net udp
GB 23.52.177.198:443 cxcs.microsoft.net tcp
GB 2.16.153.222:443 www.bing.com tcp
US 8.8.8.8:53 198.177.52.23.in-addr.arpa udp
US 8.8.8.8:53 222.153.16.2.in-addr.arpa udp
US 8.8.8.8:53 github.com udp
GB 20.26.156.215:443 github.com tcp
US 8.8.8.8:53 collector.github.com udp
US 140.82.114.22:443 collector.github.com tcp
US 8.8.8.8:53 22.114.82.140.in-addr.arpa udp
US 147.185.221.21:6663 tcp
US 147.185.221.21:6663 tcp
US 147.185.221.21:6663 tcp
US 147.185.221.21:6663 tcp
US 147.185.221.21:6663 tcp
US 147.185.221.21:6663 tcp

Files

\??\pipe\crashpad_2180_UGTNFNYUIHMUBELM

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\SCT Auditing Pending Reports

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\BrowsingTopicsState

C:\Users\Admin\Downloads\Unconfirmed 262777.crdownload

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Crashpad\settings.dat

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Last Version

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Site Characteristics Database\LOG

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\fd977cff-4b51-4529-aafe-bc06600c3292.tmp

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Sync Data\LevelDB\LOG

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\ShaderCache\GPUCache\data_1

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Local Storage\leveldb\LOG

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Network Persistent State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Local State

C:\Users\Admin\AppData\Local\Microsoft\Edge\User Data\Default\Preferences

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State
