Analysis Overview
Threat Level: Known bad
The file https://github.com/Shehay/aimware-crack/releases was found to be: Known bad.
Malicious Activity Summary
XenorRat
Downloads MZ/PE file
Checks computer location settings
Executes dropped EXE
Suspicious use of NtSetInformationThreadHideFromDebugger
Drops file in System32 directory
Browser Information Discovery
System Location Discovery: System Language Discovery
Enumerates physical storage devices
Suspicious behavior: EnumeratesProcesses
Suspicious use of SendNotifyMessage
Scheduled Task/Job: Scheduled Task
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of WriteProcessMemory
Suspicious use of SetWindowsHookEx
Modifies data under HKEY_USERS
Enumerates system info in registry
Modifies Internet Explorer settings
Modifies registry class
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-13 12:08
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-13 12:08
Reported
2024-08-13 12:15
Platform
win10v2004-20240802-en
Max time kernel
366s
Max time network
368s
Command Line
Signatures
XenorRat
Downloads MZ/PE file
Checks computer location settings
| Description | Indicator | Process | Target |
| Key value queried | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Control Panel\International\Geo\Nation | C:\Users\Admin\Downloads\aimware_external (1).exe | N/A |
Executes dropped EXE
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\aimware_external (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe | N/A |
Drops file in System32 directory
| Description | Indicator | Process | Target |
| File created | C:\Windows\System32\DriverStore\FileRepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| File created | \??\c:\windows\system32\driverstore\filerepository\display.inf_amd64_71aa85b0e2292a7a\display.PNF | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of NtSetInformationThreadHideFromDebugger
Browser Information Discovery
Enumerates physical storage devices
System Location Discovery: System Language Discovery
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\Downloads\aimware_external (1).exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\schtasks.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Windows\SysWOW64\DllHost.exe | N/A |
| Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe | N/A |
Enumerates system info in registry
| Description | Indicator | Process | Target |
| Key opened | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key value queried | \REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies Internet Explorer settings
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\Software\Microsoft\Internet Explorer\Toolbar | C:\Windows\explorer.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\Locked = "1" | C:\Windows\explorer.exe | N/A |
Modifies data under HKEY_USERS
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Set value (int) | \REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133680245803478072" | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Modifies registry class
| Description | Indicator | Process | Target |
| Key created | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\NodeSlots | C:\Windows\explorer.exe | N/A |
| Set value (data) | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell\BagMRU\MRUListEx = ffffffff | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings | C:\Windows\explorer.exe | N/A |
| Key created | \REGISTRY\USER\S-1-5-21-656926755-4116854191-210765258-1000_Classes\Local Settings\Software\Microsoft\Windows\Shell | C:\Windows\explorer.exe | N/A |
Scheduled Task/Job: Scheduled Task
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Windows\SysWOW64\schtasks.exe | N/A |
Suspicious behavior: EnumeratesProcesses
Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Program Files\Google\Chrome\Application\chrome.exe | N/A |
Suspicious use of AdjustPrivilegeToken
Suspicious use of FindShellTrayWindow
Suspicious use of SendNotifyMessage
Suspicious use of SetWindowsHookEx
| Description | Indicator | Process | Target |
| N/A | N/A | C:\Users\Admin\Downloads\aimware_external (1).exe | N/A |
| N/A | N/A | C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe | N/A |
Suspicious use of WriteProcessMemory
Processes
C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://github.com/Shehay/aimware-crack/releases
C:\Users\Admin\Downloads\aimware_external (1).exe
"C:\Users\Admin\Downloads\aimware_external (1).exe"
C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe
"C:\Users\Admin\AppData\Roaming\XenoManager\aimware_external (1).exe"
C:\Windows\SysWOW64\schtasks.exe
"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmp1804.tmp" /F
C:\Users\Admin\Downloads\aimware_external (1).exe
"C:\Users\Admin\Downloads\aimware_external (1).exe"
C:\Windows\SysWOW64\schtasks.exe
"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmp5C41.tmp" /F
C:\Users\Admin\Downloads\aimware_external (1).exe
"C:\Users\Admin\Downloads\aimware_external (1).exe"
C:\Windows\SysWOW64\schtasks.exe
"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmp9A44.tmp" /F
C:\Users\Admin\Downloads\aimware_external (1).exe
"C:\Users\Admin\Downloads\aimware_external (1).exe"
C:\Windows\SysWOW64\schtasks.exe
"schtasks.exe" /Create /TN "svchost.exe" /XML "C:\Users\Admin\AppData\Local\Temp\tmpEB61.tmp" /F
Network
Files